[dokuwiki] Re: Security Tracker "bug", Request Patch

burt wrote:

Thanks. I think this is a good plan. However, I am concerned that I don't end up running beta code, but keeping sync w/ the dev tree.

I don't recommend running devel releases on production servers. Instead you should just fix security problems. Critical bugs are always announced at the freshmeat announcement list together with a link to a description on how to manually fix the problem. Usually a fixed release (version number just gets a letter appended) is provided for download as well.


However in this case the problem is considered non-critical as it is only exploitable by admin users. Normal users could just hack them self ;-)

See
http://bugs.splitbrain.org/?do=details&id=820
on how you could fix it your self.

Andi

--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist

Other related posts: