Openads: OpenX Source 2.8.9 Security Release Options

[RSS Bot]

OpenX Source 2.8.9 is now available, this release addresses recent reported security issues in the OpenX Source application.

All users should upgrade to this version and perform a security audit to help ensure they keep their system secure.

Before upgrading:

• Check for any rogue admin users (http://<your_admin_domain>/www/admin/admin-access.php).
• You can also check for any recently changed files, if you have shell access, you can use the “find” command to look for any files modified recently
• e.g. “find /path/to/openx/www /path/to/openx/plugins -mtime -7″ will find any files in those folders which were modified within the last 7 days.
• If you find any unexpected files recently modified (especially .php files) remove them before performing the upgrade.

More information on performing a security audit can be found in this post.

To upgrade your system:

• Downloaded OpenX Source 2.8.9 from here
• Follow the upgrade guide to upgrade your system.
• Once you have upgraded, you can remove write access to your config files (/path/to/openx/var/*.conf.php), to help keep your system secure.

View the full article