Geeklog 1.7.1sr1 is now available

By Mike Johnston January 4, 2011 (Updated: May 31, 2013) News & Headlines

Some updates from the Geeklog universe:

Geeklog 1.7.1sr1 addresses an XSS in the Configuration admin panel, reported by Aung Khant of the YGN Ethical Hacker Group. Due to the built-in CSRF protection this weakness is somewhat harder to exploit but we would nonetheless advise that you secure your site by installing this update ASAP.

In addition to the complete 1.7.1sr1 tarball, there are also update files for Geeklog 1.7.1 and for Geeklog 1.6.1sr1 that contain only a fixed version of the affected file (see the included README file for installation instructions).

Users of older Geeklog releases should consider upgrading to Geeklog 1.7.1sr1 soon (use the complete 1.7.1sr1 tarball to upgrade from any older version).

A note for those who are still running on PHP 4: There's a known bug in the Static Pages plugin in Geeklog 1.7.1 that makes it incompatible with PHP 4. We will address this issue in a future bugfix update. In the meantime, consider upgrading to Geeklog 1.6.1sr2 - or upgrade to PHP 5, if possible.

Mike Johnston

Mike Johnston Author

Mike started CMS Critic in 2008 and has become a recognizable face and valued expert in the world of content management. He has worked with many small business and enterprises to establish their online presence and to assist with marketing strategies. If you are interested in working with him, drop him a line.

About CMS Critic

CMS Critic is one of the top resources on the web for unbiased, honest reviews. Since 2008, we've provided a resource for readers worldwide to find information, get advice and discover the latest news about software, hardware and services such as Content Management Systems, Website Builders, Linux Distributions and much more. To learn how to contribute or work with us, drop us a line.

Follow Us