Someone recently told me about a security hole in b2, that would allow the attacker to do nasty things. It has just been fixed in the distributions.
I also fixed the date preview 'bug
', and added some config options to b2config.php, most important one is for people using Asian languages or any language that encodes text on two bytes instead of one.
The fix for the security hole is very simple: create a file named b2config.php and upload it in your b2-include folder. The file can be blank or be a copy of your original b2config.php file, it doesn't matter; but it's enough to fix the threat.
@ 01:42:07 404
, no trackback
, no pingback