<![CDATA[ IMPORTANT: Two new vulnerabilities in 0.9.6.1

<![CDATA[ IMPORTANT: Two new vulnerabilities in 0.9.6.1 - My Forums]]> https://forums.modx.com/thread/?thread=256 <![CDATA[Re: IMPORTANT: Two new vulnerabilities in 0.9.6.1]]> https://forums.modx.com/thread/256/important-two-new-vulnerabilities-in-0-9-6-1#dis-post-1660 admin note: clarified for those with feed readers who don’t see the entire thread in context

The current download available at the MODx download site was replaced by a version containing the patches for 0961 in this thread. 0962 will also contain these patches as Jason mentioned. If you’ve not applied the security patch already (shame on you!), you can either grab it via the instructions listed above or just download the complete installer from the downloads page and install via the normal upgrade mode. If you’re not running this latest patched version, now would be a very good time to upgrade.]]> rethrash Jan 22, 2008, 01:21 PM https://forums.modx.com/thread/256/important-two-new-vulnerabilities-in-0-9-6-1#dis-post-1660 <![CDATA[Re: IMPORTANT: Two new vulnerabilities in 0.9.6.1]]> https://forums.modx.com/thread/256/important-two-new-vulnerabilities-in-0-9-6-1#dis-post-1659 opengeek Jan 02, 2008, 01:52 PM https://forums.modx.com/thread/256/important-two-new-vulnerabilities-in-0-9-6-1#dis-post-1659 <![CDATA[IMPORTANT: Two new vulnerabilities in 0.9.6.1]]> https://forums.modx.com/thread/256/important-two-new-vulnerabilities-in-0-9-6-1#dis-post-1658 http://www.securityfocus.com/archive/1/485707/30/0/threaded for details.

You need to take immediate action to protect your site( s ).

For 0.9.6.1
Go to http://svn.modxcms.com/trac/tattoo/changeset/3281 and you can choose from three options for applying the changes to your existing installations: download the zip archive from the link at the bottom (http://svn.modxcms.com/trac/tattoo/changeset/3281?format=zip&new=3281) and overwrite your existing files, get the unified diff (http://svn.modxcms.com/trac/tattoo/changeset/3281?format=diff&new=3281) and apply as a patch, or apply the diffs detailed on the page manually.

For 0.9.6
Same as above, though I recommend upgrading to 0.9.6.1 first to make sure you have the latest bug fixes.

Alternative for 0.9.6 or before...
Grab the latest trunk from SVN and upgrade your installation normally.

Additional information, and an 0.9.6.2 official release with these patches included will be available shortly.]]> opengeek Jan 02, 2008, 11:22 AM https://forums.modx.com/thread/256/important-two-new-vulnerabilities-in-0-9-6-1#dis-post-1658