Important go-dev Security Patch releases. (fwd)
Lincoln Stein
lstein at cshl.edu
Fri Jun 11 12:05:19 EDT 2004
Hi Shuly,
Please take down AmiGO until the upgrade is effected.
Lincoln
On Thursday 10 June 2004 09:44 am, Sue Rhee wrote:
> ---------- Forwarded message ----------
> Date: Wed, 9 Jun 2004 19:49:30 -0700
> From: Bradley Marshall <bradmars at fruitfly.org>
> To: Bradley Marshall <bradmars at bdgp.lbl.gov>
> Cc: <go at genome.stanford.edu>, <gofriends at genome.stanford.edu>
> Subject: Important go-dev Security Patch releases.
>
>
> Thanks to a random internet hacker we have become aware of a major
> AmiGO security hole that was used to hose our server.
>
> If you have a local AmiGO installation, run, don't walk, to
> http://sourceforge.net/project/showfiles.php?group_id=36855&package
>_id=33201 to grab one of the new software releases.
>
> AmiGO 1.x users should grab the go-dev-20040609-amigo1.5 release.
> AmiGO 2.0 users can either grab the go-dev-20040609-amigo2.0
> release or just do a cvs update.
>
> For AmiGO 1.x users who want to touch their installation as little
> as possible, the files of interest are
>
> go-dev/perl-api/GO/CGI/Session.pm
> go-dev/perl-api/GO/CGI/Analysis.pm
> go-dev/perl-api/GO/CGI/HTML.pm
> go-dev/perl-api/GO/IO/HTML.pm
>
> You should be able to replace those 4 files with the versions in
> the new release and be OK.
>
> Brad
>
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
--
Lincoln D. Stein
Cold Spring Harbor Laboratory
1 Bungtown Road
Cold Spring Harbor, NY 11724
More information about the Po-dev
mailing list