 |
|
You are here: Foswiki>Support Web>SupportQuestions>Question90 (20 Mar 2009, CrawfordCurrie)Edit Attach
This question about Upgrading from TWiki to Foswiki: Answered
Are security alerts 3195, 5304, 5305 addressed in fw 1.0.0??
I had upgraded to TWiki-4.2.4 due to hacker intrusion, likely due to recent security alerts. Then, I ported to foswiki 1.0.0. DOES Foswiki 1.0.0 cover these security vulnerabilities?-
Security Alert: TWiki SEARCH variable allows arbitrary shell command execution - Fix available in SecurityAlert-CVE-2008-5305, fixed in TWiki 4.2.4
- Security Alert: Cross-site scripting vulnerability with TWiki URLPARAM variable
- Fix available in SecurityAlert-CVE-2008-5304, fixed in TWiki 4.2.4
- Security Alert: Arbitrary Code Execution in Configure Script
- Fix available in SecurityAlert-CVE-2008-3195, fixed in TWiki 4.2.3
[email protected] so we can try to help work out the new vector :/
-- SvenDowideit - 11 Mar 2009
QuestionForm edit
| Subject | Upgrading from TWiki to Foswiki |
| Extension | |
| Version | |
| Status | Answered |
Edit | Attach | Print version | History: r3 < r2 < r1 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r3 - 20 Mar 2009, CrawfordCurrie
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. 
Legal Imprint Privacy Policy
Legal Imprint Privacy Policy