Programmin' Prim8

Entries tagged as yawp

Tags related to tag yawp

pear php

Tuesday, July 12. 2005

Time for a Yawpgrade

For those following along with the PEAR/Yawp series, a serious security hole was found in Yawp 1.0.6, and all users are strongly recommended to upgrade.

pear upgrade http://phpyawp.com/Yawp-1.1.0.tgz

Changelog:

  • BACKWARDS COMPATIBILITY BREAK: Removed the
    $GLOBALS['_Yawp']['conf_path'] variable, as it can be the source of
    serious security problems when register_globals is turned on in
    combination with other circumstances. In its place, use
    define('YAWP_CONF_PATH', '/path/to/Yawp.conf.php') to set up a custom
    configuration file location. Thanks to Stefan Esser of hardened-php.net
    for discovering this simple but potentially serious flaw.

  • Added htmlspecialchars() to the trigger_error() messages generated when the configuration file cannot be read or found.

Posted by ir8prim8 in Software at 15:25 | Comments (2) | Trackbacks (0)
Defined tags for this entry: , ,
(Page 1 of 1, totalling 1 entries)

Show tagged entries

ajax blog bootstrap code csharp cult democracy deployment development dom dotnet eaccelerator ebm encryption goth hurricane hurricane katrina impeach bush industrial javascript listserv mailing lists mailman music mysql notation optimizing oscommerce pear php plugins politics programming rails redirect REST ruby ruby on rails s9y serendipity social systems software source control spam spellcheck strange svn ufo vs.net vss web winforms xampp yawp

Quicksearch

Del.icio.us PHP Feed

* Ubuntu LAMP Server Guide - Configure Apache, mySQL, and cgi-bin : Zaphu
Friday, November 21. 2008

* PHP - PHP-MySQL Login System tutorial
Friday, November 21. 2008

* Creating a file based login system
Friday, November 21. 2008

* Planeta WordPress
Friday, November 21. 2008

* Twilio: Web Service API for Making and Receiving Phone Calls, building hosted IVR and PBX telephone applications
Friday, November 21. 2008

Del.icio.us Ruby Feed

* Ryan's Scraps: Roxy: A Ruby Proxy-Object Library
Friday, November 21. 2008

* Ruby Tools Roundup - The Devver Blog
Friday, November 21. 2008

* Beast
Friday, November 21. 2008

* How to raise and rescue Exceptions in Ruby on Rails - RailsOnWave Ruby on Rails web 2.0 Ajax
Friday, November 21. 2008

* Creating Games in Ruby (Part 2) | O'Reilly Media
Friday, November 21. 2008

Top Referrers

www.google.com (2)
www.google.nl (1)

Top Exits

www.bobpowell.net (152)
prim8.net (41)
phpyawp.com (14)
www.broken-notebook.com (14)
blogs.msdn.com (13)
blogs.linux.ie (8)
joelonsoftware.com (8)
phplens.com (8)
www.codeproject.com (8)
programmin.prim8.net (7)

Archives

November 2008
October 2008
September 2008
Recent...
Older...

Syndicate This Blog

Googling?

getting started with db_table pear
remove solution from source control
oscommerce redirect

Blo.gs I Read

* Yurii Rashkovskii's Blog
Thursday, December 7. 2006

* Ryan's Scraps
Tuesday, December 5. 2006

* Shades of Gray
Tuesday, December 5. 2006

* Martin Fowler's Bliki
Saturday, December 2. 2006

* Tobias Schlitt - a passion for php
Tuesday, September 5. 2006

* Our Blog update
Tuesday, August 22. 2006

Link.al.icio.us

(More)

Contact Me

Technoratings

"heaven's gate" Do comet x 1
vss x 1
spellcheck x 7
eaccelerator x 1
pear x 2