09 Dec 10 by IDGLabs.RO in
Wordpress CMS 
WordPress 3.0 a fost o actualizare importanta a celebrei platforme de blogging. Dupa orice versiune majora a unui produs, vin si micile retusari.
Astfel a fost lansata zilele trecute versiunea 3.0.2 care remedia cateva gauri de securitate si bug-uri, dupa cum vedeti in lista de mai jos:
Remove pingback/trackback blogroll whitelisting feature as it can easily be abused. (#13887)
Fix canonical redirection for permalinks containing %category% with nested categories and paging. (#13471)
Fix occasional irrelevant error messages on plugin activation. (#15062)
Minor XSS fixes in request_filesystem_credentials() and when deleting a plugin. (r16367, r16373)
Clarify the license in the readme (r15534)
Multisite: Fix the delete_user meta capability (r15562)
Multisite: Force current_user_can_for_blog() to run map_meta_cap() even for super admins (#15122)
Multisite: Fix ms-files.php content type headers when requesting a URL with a query string (#14450)
Multisite: Fix the usage of the SUBDOMAIN_INSTALL constant for upgraded WordPress MU installs (#14536)
Astazi, a fost lansata versiunea 3.0.3, care remediaza inca o vulnerabilitate:
This release fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts.
Return to top
30 Iul 10 by IDGLabs.RO in
Wordpress CMS 
A aparut wordpress 3.0.1.
Versiunea 3.0.1 a wordpress si rezolva aproximativ 50 de fixuri
Cu toate ca nu a fost semnalat nici un bug periculos, va recomandam in orice caz sa actualizati platforma WordPress cu ultima veriune 3.0.1
Nu uitat sa efectuati un back-up inainte de a actualiza versiunea, dupa ce ati terminat actualizare si verificati ca totul functioneazxa corect recomandam sa schimbat parola de administrator
Return to top
13 Noi 09 by IDGLabs.RO in
CMS,
Wordpress CMS WordPress 2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges.
If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended.
The first problem is an XSS vulnerability in Press This discovered by Benjamin Flesch. The second problem, discovered by Dawid Golunski, is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations.
Thanks to Benjamin and Dawid for finding and reporting these.
WordPress 2.8.6 is available for download here.
http://wordpress.org/download/
Here’s a a list of 5 practical plug-ins that extend WordPress’ functionality in the security arena.
WordPress 2.8.6 cu aceasta nou versiune se “acopera” citeva probleme de securitate privind utilizatorii inregistrati, si care au permisia de a scrie in blogul dvs
Daca aveti utilizatori inregistrati si nu aveti multa incredere in ei, trebuie sa actualizati blogul dvs.
Read full story
Return to top
12 Noi 09 by IDGLabs.RO in
Joomla CMS 
Proiectul Joomla! a anuntat lansarea versiunii Joomla 1.5.15 [Wojmamni ama mamni].
Au trecut 3 luni de la lansarea versiunii 1.5.14 pe 30 iulie 2009.
Este recomandat sa actualizati pachetul Joomla cu ultima versiune aceasta rezolva citevas bug-uri si citeva probleme de securitate.
Read full story
Return to top
WordPress 3.0 a fost o actualizare importanta a celebrei platforme de blogging. Dupa orice versiune majora a unui produs, vin si micile retusari.