OpenX Upgrade

2 naročnika

Vsem webmajstrom v vednost, da je na voljo nov update za OpenX verzija 2.8.7 v katerem so odpravljene varnostne luknje.

Nadgradnja obvezna!

http://www.openx.org/ad-server/download

Obvestilo za javnost:

Security is an important priority at OpenX and we’re constantly working to provide security patches and bug fixes as soon as we become aware of any potential issue. As these issues are discovered, we validate, patch and release as quickly as we can. But it’s important to understand that avoiding potential security issues also requires server administrators to be vigilant and upgrade their systems to new, patched versions as soon as they become available.
It has been brought to our attention that there is a vulnerability in the 2.8 downloadable version of OpenX that can result in a server running the downloaded version of OpenX being compromised. We have already closed this vulnerability with the latest version of our software. To avoid this issue, we recommend that all users immediately upgrade their systems to 2.8.7.

izgleda, da je folk masovno navalil na update, ker so strani openx že cel dan mrtve.

Tukaj je še ena povezava do bloga, kjer lahko najdete alternativen link za download.
http://blog.sucuri.net/2010/09/openx-users-time-to-upgrade.html

Ali pa kot navaja avtor:

If you can’t upgrade, make sure to delete the following file: admin/plugins/videoReport/lib/ofc2/ofcuploadimage.php

Zgleda da je tudi v verziji 2.8.7 varnostna luknja, zato je že na voljo nova verzij 2.8.8:
http://forum.openx.org/index.php?showtopic=503506938