|Title||Temporary Workaround For CVS Vulnerability|
|Date||Thursday December 16 2004, @03:05PM|
We've gotten a couple of questions about whether there will be a workaround for site admins who don't want to upgrade into x_2_5_* CVS but who don't want to just wait until the patch comes out next week.
For security reasons, we don't want to reveal too much of what's going on until everyone has had a chance to upgrade, but we will say that you can temporarily make your site immune to the vulnerability by removing the symlinks to search.pl and submit.pl.
This will obviously break some functionality on your website. Whether you prefer that to upgrading, and/or to being vulnerable for the next week, is up to you.
Assuming you installed your theme with symlinks (the default), to restore those files at any time later you would run symlink-tool:
/usr/local/slash/bin/symlink-tool -u yourvirtuser -U
printed from Slashcode, Temporary Workaround For CVS Vulnerability on 2012-02-07 00:14:54