similar to the previous one (http://tikiwiki.org/art97) Description: Some vulnerabilities have been reported in TikiWiki, which can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused due to missing validation of files placed in the "temp" directory and can be exploited to execute arbitrary PHP scripts. The vulnerabilities have been reported in versions prior to 1.8.5 and 1.9 DR4. Solution: Update to version 1.8.5. http://sourceforge.net/project/showfiles.php?group_id=64258 Deny access to the "temp" directory.
Nasty, indeed. web-apps, bumping is necessary.
ebuild in cvs
Thx Martin. ppc please test and mark stable.
Stable on ppc.
GLSA 200501-41
*** Bug 79077 has been marked as a duplicate of this bug. ***