Hello. PmWiki version 2.2.49 was published today, and is available at:
http://www.pmwiki.org/pub/pmwiki/pmwiki-2.2.49.tgz
http://www.pmwiki.org/pub/pmwiki/pmwiki-2.2.49.zip
svn://www.pmwiki.org/pmwiki/tags/latest
This version adds an array $UploadBlacklist containing forbidden strings of
an uploaded filename (case insensitive).
Some Apache installations try to execute a file which has ".php", ".pl" or
".cgi" anywhere in the filename, for example, "test.php.txt" may be
executed. To disallow such files to be uploaded via the PmWiki interface,
add to config.php such a line:
$UploadBlacklist = array('.php', '.pl', '.cgi');
The documentation was updated.
Thanks,
Petko
--
Change log : http://www.pmwiki.org/wiki/PmWiki/ChangeLog
Release notes : http://www.pmwiki.org/wiki/PmWiki/ReleaseNotes
If you upgrade : http://www.pmwiki.org/wiki/PmWiki/Upgrades
_______________________________________________
pmwiki-users mailing list
[email protected]
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
