Path to this page:
Subject: CVS commit: pkgsrc/www/geeklog
From: Takahiro Kambe
Date: 2010-05-17 17:46:38
Message id: 20100517154638.4158C175DD@cvs.netbsd.org
Log Message:
Update geeklog package to 1.6.1.1 (1.6.1sr1).
May 9, 2010 (1.6.1sr1)
------------
This release addresses the following security issue:
The autologin (using the long-term session cookie) is vulnerable to dictionary
attacks. This issue was originally reported by Bookoo of the Nine Situations
Group in one of his reports in April 2009 but apparently overlooked by the
Geeklog Team. Thanks to geeklog.net user Jack for pointing this out.
Files: