[info] OJS, OCS, OHS Security Update

[ Thread Index | Date Index | More freesb.eu/info Archives ]

To: Kevin Stranack <kstranac@xxxxxx>
Subject: [info] OJS, OCS, OHS Security Update
From: Kevin Stranack <kstranac@xxxxxx>
Date: Thu, 29 Jul 2010 13:57:29 -0600

**Apologies for cross-posting**

The PKP development team has discovered a potential security risk inOJS, OCS, and OHS, introduced with the 2.3 versions, which potentiallyallows arbitrary PHP code execution, depending on how your server isconfigured.

There have not yet been any reported cases of this vulnerability beingexploited.

If you are running an installation with a 2.2 or older version, noaction is required.

If you are running a 2.3 or newer version, please have your serveradministrator apply the patch available here as soon as possible:


http://pkp.sfu.ca/bugzilla/show_bug.cgi?id=5563

To check which version you are currently using, go to About, and findthe About this Publishing/Conference System link.

If you are not responsible for maintaining the software used by yourjournal, conference, or harvester, please forward this message on to theappropriate person.


If you have any questions, please contact us at pkp-support@xxxxxx

Sincerely,
Kevin Stranack
Public Knowledge Project Team

Messages sorted by: [ date | thread ]
Prev by Date: [info] See my photos and favorite places
Previous by thread: [info] See my photos and favorite places

Mail converted by MHonArc 2.6.19+

http://listengine.tuxfamily.org/