John Gonzalez/netMDC admin <[EMAIL PROTECTED]> writes:
> Unknown. The advisory specifically mentions 2.53 -- i can tell you this.
> 2.53 _was_ safe from the PREVIOUS exploits (ie. the ones that worked on
> the 2.51, etc) but this appears to be a new exploit in a different
> function of the program.
2.53 appears to be vulnerable.
> Also, the advisory suggests upgrading to 3.1b1 (which i did) and says
> that it's a safe version (for now, anyway)
The 3.x series has been having *tons* of security problems, including
stuff that was previously fixed in 2.x. I really don't trust it.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>