[pmwiki-announce] Vulnerability in SQLite PageStore class, new version
Petko Yotov
5ko at 5ko.fr
Mon Jul 18 14:40:02 CDT 2011
Hello,
I've just released the SQLite PageStore class, available from:
http://www.pmwiki.org/wiki/Cookbook/SQLite
http://notamment.fr/common/cookbook/sqlite.txt
The purpose of this release is to close a potential security vulnerability
reported earlier today, that could potentially allow an SQL injection. No
known actual exploits of this vulnerability have been reported, but all users
are urged to upgrade.
For those who are running older versions of sqlite.php, the vulnerability can
be avoided by upgrading to this release.
Upgrading from the previous version should be without any difficulties (just
replacing the old file with the new one).
Before upgrading from even older versions, please read the installation
instructions and the release notes:
http://www.pmwiki.org/wiki/Cookbook/SQLite
If upgrading poses a difficulty for any site, please contact me at 5ko <snail>
5ko.fr for assistance.
Thanks,
Petko
More information about the pmwiki-announce
mailing list