Medzinárodná konferencia vývojárov a používateľov slobodného a otvoreného softvéru

First security fix at lvee.org

27, 2009 11:34

First public-accessible vulnerability in the history of a new site engine was closed at May, 26.

The vulnerability was caused by incorrect settings of access rights for the personal profile editing. Demonstration of the vulnerability was accompanied by a delicate humor of one of the participants, and was highly appreciated by morning visitors of the site.

During the period of fixing, which had lasted about 1 hour plus time to roll back to the last content backup, some users have found themselves unable to edit their personal data due to temporary blockage of this function in a site engine. Organization board apologizes for that problems.

We also suppose it necessary to thank Alexey Zaharov for pleasure of watching massed footprints of his beaver’s pads in our logs :)

Autor: Alexander Borovsky

Back to news list
blog comments powered by Disqus