Wednesday, April 20, 2011

FlatPress revs to 0.1010.1 to fix login/authentication exploit

fp-logo-smaller.png If you’re running a FlatPress blog, keeping an eye on the main site and the forums lets you know about any potential problems with the software as well as available solutions.

That’s especially the case right now as forum member pierovdfn has released a patch to one of the PHP files in FlatPress that eliminates a potential exploit in the authentication code.

FlatPress creator NowhereMan has already updated the FlatPress code and released it as 0.1010.1.

For existing FlatPress installations, applying the patch is as easy as swapping in 21 lines of PHP code. I did it this morning, and everything is working fine.