MT 2.61 important update

This just in via the MT-Users mailing list...

Due to a vulnerability that's been discovered in the file Author.pm, it's imperative that any installation of 2.6 be upgraded immediately.

Download the new Author.pm file here:

http://www.movabletype.org/downloads/Author.pm

And replace the version on your server at lib/MT/Author.pm.

Note: If you have yet upgraded to 2.6, you may disregard this message and upgrade to 2.61 at any time.

If you've already upgraded to 2.61, you may still need to do this update.

Update: This vulnerability patch was significant enough to warrant a minor point release. Upgrade to MT 2.62 if you have MT 2.6 or later installed.

TrackBack

TrackBack URL for this entry:
http://bradchoate.com/mt/feedback/tb/579

Listed below are links to weblogs that reference MT 2.61 important update:

» Vulnerability in MoveableType found/fixed from Verily
Apparently, a bug in "MoveableType(moveabletype.org)":http://www.moveabletype.org was found in the author.pm module. Fortunately, "a fix has been released(moveabletype.org)":http://www.movabletype.org/news/2003_02.shtml#000797. Personally, I just [Read More]

» Vulnerability in MoveableType found/fixed from Verily
Apparently, a bug in "MoveableType(moveabletype.org)":http://www.moveabletype.org was found in the author.pm module. Fortunately, "a fix has been released(moveabletype.org)":http://www.movabletype.org/news/2003_02.shtml#000797. Personally, I just [Read More]

1 Comments

Ollie said:

This was indeed probably the worst, scariest vulnerability there ever was. I had a bit of a 'mare when I realised what it was! I've never taken a website down so fast in my life.

About

This article was published on February 17, 2003 1:33 PM.

The article previously posted was Movable Type 2.61, MT-Textile 1.1.

The next article is Oh the servers, they are a changin'....

Many more can be found on the home page or by looking through the archives.

Powered by Movable Type