mhonarc-dev

[bug #35388] commentized subjects allow PHP code injection

2012-01-29 10:27:45
Follow-up Comment #1, bug #35388 (project mhonarc):

Posting this as a security bug in Savannah didn't have the effect I intended
-- it is marked as private in Savannah, but unfortunately it showed up in the
mhonarc-dev archives on mhonarc.org as a public post.  So I went ahead and
patched it as suggested on our site; it has been working well for us.  We
would appreciate it if this patch (or something equivalent) were integrated into
the next version of MHonArc.

All sites using PHP for archives are affected by this PHP injection bug; it's
quite possible that sites using other languages are similarly affected too.

    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?35388>
