Movabletype should be update on lucid and others to address security vulnerability.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
movabletype-opensource (Debian) |
Fix Released
|
Unknown
|
|||
movabletype-opensource (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
The PBS website was hacked with a security vulnerability found in movable type prior to version 4.3.6.1. See articles below.
http://
http://
I see that oneiric has been updated to 4.3.6.1 which addresses the unspecified vulns in the PBS hack. Have these fixes been back-ported to Lucid, or are there plans to upgrade Lucid to 4.3.6.1?
#oneriric changelog
http://
#lucid changelog
http://
Changed in movabletype-opensource (Debian): | |
status: | Unknown → Fix Released |
It seems that this issue has been addressed in Debian.
http:// bugs.debian. org/cgi- bin/bugreport. cgi?bug= 627936