[dokuwiki] Re: Security Tracker "bug", Request Patch
- From: Andreas Gohr <andi@xxxxxxxxxxxxxx>
- To: dokuwiki@xxxxxxxxxxxxx
- Date: Fri, 02 Jun 2006 21:33:55 +0200
burt wrote:
Thanks. I think this is a good plan. However, I am concerned that I
don't end up running beta code, but keeping sync w/ the dev tree.
I don't recommend running devel releases on production servers. Instead
you should just fix security problems. Critical bugs are always
announced at the freshmeat announcement list together with a link to a
description on how to manually fix the problem. Usually a fixed release
(version number just gets a letter appended) is provided for download as
well.
However in this case the problem is considered non-critical as it is
only exploitable by admin users. Normal users could just hack them self ;-)
See
http://bugs.splitbrain.org/?do=details&id=820
on how you could fix it your self.
Andi
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist
Other related posts: