Wordpress Updates & Format string attacks

Saturday, 28 May 2005

Security

  • New wordpress security update – v1.5.1(updated)
    • I’m getting increasing disillusioned by Wordpress. I’d switch to something home-grown like so many others. But invariably this means people can’t leave comments and I like that ability. I rarely bother to email people in response to entries. It’s just too much effort.
  • Strings sent to the C syslog function, to be logged, should always be wrapped in “%s”.
    • If you don’t understand why I can explain. You can audit your software with the pscan package.

| No comments

 

 

Recent Posts

Recent Tags