XOOPS 資安更新程式發佈

日期 2016年01月20日 20:32:54 | 新聞類別: 最新訊息
The XOOPS Development Team is pleased to announce the release of a security patch for XOOPS Final.
This patch for XOOPS corrects multiple issues.

We would like to specifically thank Tim Coen of (Curesec GmbH), who notified us about these issues.

All XOOPS 2.5.7 users are advised to apply this patch as soon as possible.

It is also recommended that all XOOPS administrators practice defense in depth, including:
- have the Protector module installed active
- stay current with all patches
- be cautious with administative account use (only when needed, no autologin)
- caution in clicking links in messages and other untrusted sources

Download: You can download the patch from XOOPS File Repository on SourceForge

NOTE 1: Any users that are running an older XOOPS version are advised to update to XOOPS now, which includes the patch.

NOTE 1: 使用較舊版本XOOPS站長建議馬上更新至XOOPS,本版本內含資安更新。


You can find more information about the original XOOPS 2.5.7 release in this article
NOTE 2: Work continues on our next major release of XOOPS! To see what's coming, please check out our GitHub code repositories:

- XOOPS 2.6.0 Core

- XOOPS 2.6.0 Modules

- XOOPS 2.6.0 Roadmap

and especially the great work Eduardo (bitcero) is doing on:

- XOOPS 2.6.0 Enhanced Admin GUI

Please also check out our other Github repositories: