Noted with thanks On Thu, Nov 15, 2018 at 3:06 PM Lars Helge Øverland <l...@dhis2.org> wrote:
> Hi all, > > a potential serious security issue has been discovered with one of the > libraries used by DHIS 2. The issue can potentially allow attackers to > write or copy files to disk in arbitrary locations. The attacker needs to > be logged in to DHIS 2 (authenticated) to do this. > > The affected versions are *DHIS 2.28 and older*. > > We have patched the following versions: 2.25, 2.26, 2.27, 2.28. > > We recommend that you upgrade to the latest build of the mentioned > releases if you are affected. We won't disclose more info about this issue > on the public mailing list. > > > best, > > Lars > > > -- > > Lars Helge Øverland > Technical lead, DHIS 2 > University of Oslo > l...@dhis2.org > https://www.dhis2.org > > _______________________________________________ > Mailing list: https://launchpad.net/~dhis2-users > Post to : dhis2-us...@lists.launchpad.net > Unsubscribe : https://launchpad.net/~dhis2-users > More help : https://help.launchpad.net/ListHelp >
_______________________________________________ Mailing list: https://launchpad.net/~dhis2-devs Post to : dhis2-devs@lists.launchpad.net Unsubscribe : https://launchpad.net/~dhis2-devs More help : https://help.launchpad.net/ListHelp
