Shaun Murray wrote:
On 26 Feb 2005, at 19:15, Greg Morgan wrote:
Matthew McNaney wrote:
Please download and untar in your phpwebsite installation directory.
http://phpwebsite.appstate.edu/downloads/security/
phpws_image_secure_patch.tgz
I thought there was another security release some time ago. Is it
time to release 0.10.1 with these patches and any other bug fixes
that have been accrued?
I think the only changes in cvs since 0.10.0 have been these security
changes and a template change in pagemaster so it would usually be a
little early for a 0.10.1 release although it's perhaps important now
for new users so that they don't install 0.10.0 without the security
patch.
Shaun
aegis design - http://www.aegisdesign.co.uk
I am wondering what the best solution is based on the skill of some
users in the forum? For example, even though there is information on
unzipping modules and themes here
http://phpwebsite-comm.sourceforge.net/wiki/index.php?title=Third_Party_Module_Installation
http://phpwebsite-comm.sourceforge.net/wiki/index.php?title=Third_Party_Theme_Installation_Guide
I don't many users will make the connection.
If we say go to cvs for the updates and use this documentation
http://phpwebsite-comm.sourceforge.net/wiki/index.php?title=Maintenance_Guide
that may be too involved for most users.
Saying please upgrade to this 0.10.1 security release using this
documentation
http://phpwebsite-comm.sourceforge.net/wiki/index.php?title=Upgrade_Guide
may be the safest best.
Then again why am I concerned about this? There's enough people that
don't follow updates for the software they use that phpWebSite will
still get the bad press for the problem even though there was a quick
resolution by ASU. Thankfully, we didn't have to wait for the
commercial vendor 12 steps: denial of the issue, committee investigation
of the issue, development of the mission statement concerning the issue,
lower the risk of the issue, corporate spin doctoring the issue, the
announcement that it will be with the next monthly patch, think about
creating the patch, ...
Greg
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
|
