We have developed solutions to prevent* both MODx Revolution and Evolution from triggering this
Critical PHP Bug described here.
Solutions for MODX Revolution:
- Download and Upgrade to 2.0.6-pl2
- Manually Apply the patch:
Paste the following lines into the file "core/model/modx/modx.class.php" after line 30 (after the comments):
if (strstr(str_replace('.','',serialize($_REQUEST)), '22250738585072011')) {
header('Status: 422 Unprocessable Entity'); die();
}
- Install the Plugin Patch via Package Management (Under: Hotfixes & Security Updates -> Hotfix -> bug-3350)
Solution for MODx Evolution:
Manually Update contents of manager/includes/protect.inc.php with this new file.
*Note: While these will prevent MODx from triggering this event it will not prevent other applications on the same server from causing the issue.
Author of zero books. Formerly of many strange things. Pairs well with meats. Conversations are magical experiences. He's dangerous around code but a markup
magician.
Blog ✦
Twitter ✦
LinkedIn ✦
GitHub
MODX Staff