Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

Important go-dev Security Patch releases.

Danny Yoo dyoo at acoma.Stanford.EDU
Thu Jun 10 16:59:32 PDT 2004

On Wed, 9 Jun 2004, Bradley Marshall wrote:

> Thanks to a random internet hacker we have become aware of a major AmiGO
> security hole that was used to hose our server.
> If you have a local AmiGO installation, run, don't walk, to
> to grab one of the new software releases.
> AmiGO 1.x users should grab the go-dev-20040609-amigo1.5 release.  AmiGO 2.0
> users can either grab the go-dev-20040609-amigo2.0 release or just do a cvs
> update.
> For AmiGO 1.x users who want to touch their installation as little as
> possible, the files of interest are
> go-dev/perl-api/GO/CGI/
> go-dev/perl-api/GO/CGI/
> go-dev/perl-api/GO/CGI/
> go-dev/perl-api/GO/IO/

Hi Bradley,

What changes were made to clean up the parameter passing?

Explanation: we have a local copy of AmiGO 1 that's customized for our
site (bunch of Javascript stuff to better integrate with our publication
database), and it'll be a bit of work for us to take what's in CVS.  It
might be easier for us to backport the parameter-passing security fixes.


This message is from the GOFriends moderated mailing list.  A list of public
announcements and discussion of the Gene Ontology (GO) project.
Problems with the list?           E-mail: owner-gofriends at
Subscribing   send   "subscribe"   to   gofriends-request at
Unsubscribing send   "unsubscribe"  to  gofriends-request at

More information about the go-friends mailing list