|
Sunday, 22 June 2008 |
|
For the last couple months the LimeSurvey project has done a lot of self-imposed security audits on the LimeSurvey code base. (Thank you to the Ubuntu Server team for pointing out first issues and giving us a head start.)
During this process several security issues have been fixed in the source code which include: - Issues where variable manipulation was possible when register_globals in PHP is activated
- Session Data injection & manipulation
- Permanent & non-permanent XSS-issues where an attacker could try to gain access by injecting own javacript code into the application
- Session related issues where a possible attacker could take over the session and/or gain higher access privileges
Most of these issue were already fixed for 1.71 stable. (Affected versions: 1.70+ (all builds) and older)
On top of that we fixed two moderate issues for the current 1.71 release which were - Two XSS attacks for security flaws in the IE6 browser.
- Session Fixation attack
Thank you to security advisor Michal Tresner for reporting.
Exploits in the Wild: No known exploits yet. We strongly recommend to update as long it stays that way!
Solution: Update to the latest LimeSurvey 1.71+ Build 5147 or later version available from http://www.limesurvey.org This security advisory refers to CVE-2008-2659 - LimeSurvey XSS candidate |
|
Last Updated ( Thursday, 26 June 2008 )
|
|
|
Saturday, 14 June 2008 |
|
 Do you want your designs to make people smile and even get paid for it?
We're looking for a PASSIONATE, INSPIRING DESIGNER who can kick our collective design rear-ends. We need a visual designer who can lead us in creating beautiful and elegant services. Specifically, you will:- Be a vigilant advocate for the user’s experience.
- Design mockups and create working prototypes to solidify design direction and planning.
- Produce finished shipping designs, finalizing layout, color, typography, images, and icons.
- Take pride in and feel responsibility for a high degree of personal ownership of your work. Thousands of people will immediately interact with your finished designs.
- Not live in a production-only ghetto. Your ideas will directly shape the experiences you create.
- Be passionate about: Business. Writing. Open Source. Design. Innovation. Craftsmanship. Fun.
- An understanding of interface design principles
- An online portfolio of work
Salary commensurate with experience.
Get back to us at
This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
. |
|
Last Updated ( Sunday, 22 June 2008 )
|
|
|
Wednesday, 11 June 2008 |
|
 The German Linux magazine will publish a special issue on the 12th of July (tomorrow as of this writing). This issue about web software topics will sport an article about LimeSurvey named 'Refreshingly Easy' (roughly translated from German). It contains a tutorial how to use LimeSurvey to create your own online survey and that way you can find out more about your potential customers. If you are German and want to get a fresh introduction to LimeSurvey don't hesitate and buy this magazine online or at your next kiosk. We are very proud since this is the first time a magazine (you know: the one with real paper) is writing about us - expect more to come.
btw: The French Linux Magazine happened to be the sponsor of the last years Trophées du Libre where LimeSurvey made first place in the 'Business Management' software contest. Thank you for this support! |
|
Last Updated ( Tuesday, 17 June 2008 )
|
|
|
|
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
|
| Results 1 - 4 of 44 |
