Categories
News archives
- September 2008 (2)
- April 2008 (2)
- March 2008 (3)
- January 2008 (1)
- December 2007 (2)
- November 2007 (2)
- October 2007 (3)
- September 2007 (4)
- August 2007 (1)
- July 2007 (2)
- June 2007 (3)
- May 2007 (4)
- More...
Search news
News:
| « b2evolution.net: help wanted! :) | Article sur b2evolution dans L'informaticien » |
Fix for XML-RPC vulnerability
A critical security issue has been discovered in the XML-RPC for PHP that most applications use, including b2evolution.
It is highly recommended you fix you installation by downloading this patch file and unzipping it into you /blogs/b2evocore/ folder. This should overwrite the two following files:
- _functions_xmlrpc.php
- _functions_xmlrpcs.php
This patch has been tested on the latest 0.9.0.12 "Amsterdam" release but is believed to work on all 0.9.0.x versions.
The patch will be included in future releases.
2 comments
Comment from: Sigg3 [Visitor] · http://sigg3.net/cafelog
This is exclusively b2evolution, or are we talking about a vulnerability for b2 (original) as well?
2005-07-08 @ 15:46
This also affects the original b2 as well as most other PHP blog tools.
In addition the original b2 has a lot more security issues that remain unfixed.
This is one of the reasons we have 'evolution'!
In addition the original b2 has a lot more security issues that remain unfixed.
This is one of the reasons we have 'evolution'!
2005-07-08 @ 17:09
Leave a comment
