This build fixes a potential security hole in PHlyMail. As far as we know, this just affects the file phlymail/handlers/email/mod.listmail.php under the presumption, that your server has the option register_globals set to "On".
We recommend, that all users of PHlyMail updater their installation as fast as possible.
The builds have been published in the usual places: under http://phlymail.de/en/phlymail/lite/download/ for PHlyMail Lite and in the customer service area for Personal Edition / MessageCenter. Additionally you can use the AutoUpdater to get your installation up to date.
The person who found this security problem unfortunately decided to publish an exploit instead of informing us directly.
It took as far under 30 minutes to fix the problem after acknowledgement of the bug and release this new build.
Security fix - PHlyMail 3.04.06 released
1 post
• Page 1 of 1
Security fix - PHlyMail 3.04.06 released
|
1 post
• Page 1 of 1
Return to Announcements and News
Who is online
Registered users: No registered users