Important go-dev Security Patch releases. (fwd)
Shuly
shuly at cshl.edu
Fri Jun 11 12:32:35 EDT 2004
Thanks everybody for all the warnings.
I have already updated go-dev, and amigo.
Shuly.
Lincoln Stein wrote:
>Hi Shuly,
>
>Please take down AmiGO until the upgrade is effected.
>
>Lincoln
>
>On Thursday 10 June 2004 09:44 am, Sue Rhee wrote:
>
>
>>---------- Forwarded message ----------
>>Date: Wed, 9 Jun 2004 19:49:30 -0700
>>From: Bradley Marshall <bradmars at fruitfly.org>
>>To: Bradley Marshall <bradmars at bdgp.lbl.gov>
>>Cc: <go at genome.stanford.edu>, <gofriends at genome.stanford.edu>
>>Subject: Important go-dev Security Patch releases.
>>
>>
>>Thanks to a random internet hacker we have become aware of a major
>>AmiGO security hole that was used to hose our server.
>>
>>If you have a local AmiGO installation, run, don't walk, to
>>http://sourceforge.net/project/showfiles.php?group_id=36855&package
>>_id=33201 to grab one of the new software releases.
>>
>>AmiGO 1.x users should grab the go-dev-20040609-amigo1.5 release.
>>AmiGO 2.0 users can either grab the go-dev-20040609-amigo2.0
>>release or just do a cvs update.
>>
>>For AmiGO 1.x users who want to touch their installation as little
>>as possible, the files of interest are
>>
>>go-dev/perl-api/GO/CGI/Session.pm
>>go-dev/perl-api/GO/CGI/Analysis.pm
>>go-dev/perl-api/GO/CGI/HTML.pm
>>go-dev/perl-api/GO/IO/HTML.pm
>>
>>You should be able to replace those 4 files with the versions in
>>the new release and be OK.
>>
>>Brad
>>
>>----------------------------------------------------------------
>>This message was sent using IMP, the Internet Messaging Program.
>>
>>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://brie4.cshl.edu/pipermail/po-dev/attachments/20040611/ae7dd10d/attachment.html>
More information about the Po-dev
mailing list