[geeklog-devel] PHP Vulns

Dirk Haun dirk at haun-online.de
Sat Dec 18 04:09:46 EST 2004

>It looks like the code in Geeklog proper is OK but pear distributed with 
>Geekloog and magpierss (used in spamx) use some of the vulnerable functions.

Thanks, Tom.

>At least Geeklog was not listed as a vulnerable script like:

Well, they surely can't test each and every open source project ...

I came to the same conclusion (that Geeklog is not affected) when the
vulnerabilities were announced on Thursday since I know that that core
code isn't using any of those functions. But I didn't check the 3rd-party
code. I doubt there's a way to exploit the vulnerabilities there, though.

bye, Dirk


More information about the geeklog-devel mailing list