Important Security Update for RSS Package - Patch Available

Will • Thu 14 of May, 2009 (15:50 UTC)
A Critical Security Flaw was discovered in RSS Package. Under the right conditions the security flaw can expose one's server to arbitrary creation and overwrite of server files and folders. This flaw effects all versions of bitweaver prior to 2.6.0. Details here …

You are strongly urged to apply the patch or upgrade to 2.6.1 or later

There is only one file to replace in the rss package: rss_inc.php. To replace it manually, download bitweaver.org/downloads/file/16337 (the patched rss_inc.php).


Comments