Raphael (atomo64) today posted a security vulnerability in our bug tracker. We implemented as soon as possible a fix to solve this vulnerability. As a result you can download the new release candidate RC2b.
For fixing only the critical security bug, there is a patch available on
http://downloads.sourceforge.net/ispcp/i...-patch.txt
With the next command you can install the patch:
Code:
patch -cl -d /var/www/ispcp < /path/to/ispcp-omega-1.0.0-rc2-security-patch.txt
To manually fix the security bug add the following line above in the file /var/www/ispcp/gui/include/sql.php immediately below the commented text (around line 20):
PHP Code:
$include_path = realpath(dirname(__FILE__));
We thank Raphael to reporting this security bug and we hope everyone using ispCP Omega will patch this bug. To stay informed about security bugs and new releases, subscribe to our announce mailinglist.
Search
Member List
Calendar
Help
