-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi list,
I've uploaded NfSen 1.3.2 which fixes a security bug.
Due to some changes from php4 to php5 and double input checking,
a remote command execution security bug exists in all NfSen versions 1.3 and
1.3.1.
Users are requested to update to nfsen-1.3.2.
Other issues:
On some platforms mainly having Perl 5.10 installed, NfSen may run slower, then
with Perl versions < 5.10.
This is due to changes in the module Sys::Syslog. User should upgrade to
nfsen-1.3.2.
Note: If you run any plugins, make sure to remove *all* lines with
Sys::Syslog::setlogsock('unix'); from all plugins and
reload NfSen.
Regards
- Peter
- --
_______ SWITCH - The Swiss Education and Research Network ______
Peter Haag, Security Engineer, Member of SWITCH CERT
PGP fingerprint: D9 31 D5 83 03 95 68 BA FB 84 CA 94 AB FC 5D D7
SWITCH, Werdstrasse 2, P.O. Box, CH-8021 Zurich, Switzerland
E-mail: [email protected] Web: http://www.switch.ch/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
iQCVAwUBSi93iv5AbZRALNr/AQKBnQP/Qe+j7h64Dxp1ec219KxDTHmGst29G+iH
BOoA13MrTQtkHYrBcEUD1tEsmPviIJT5E0oQCVtEfvvkxgJevOoKHU4zAGWBDreg
h2s0i2UR6uGleM5RlwtgXvAqptJz0xsym7yjEuOm1pbSMArq4ZjEQBe5FbKJspoU
3+0H4Ozmv3c=
=FOrx
-----END PGP SIGNATURE-----
------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
Nfsen-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
