[geeklog-devel] PHP Vulns

[Dirk Haun]

>It looks like the code in Geeklog proper is OK but pear distributed with 
>Geekloog and magpierss (used in spamx) use some of the vulnerable functions.

Thanks, Tom.


>At least Geeklog was not listed as a vulnerable script like:

Well, they surely can't test each and every open source project ...

I came to the same conclusion (that Geeklog is not affected) when the
vulnerabilities were announced on Thursday since I know that that core
code isn't using any of those functions. But I didn't check the 3rd-party
code. I doubt there's a way to exploit the vulnerabilities there, though.

bye, Dirk


-- 
http://www.haun-online.de/
http://geeklog.info/