You are here: Gregarius - Devlog » category » gregarius » bugs

Archive for the 'bugs' Category

Security Hole in Development Releases

If you are using a recent development version of Gregarius from the Subversion repository, you should upgrade to the most recent revision. This problem only exists in recent development versions; Gregarius 0.54 is not vulnerable. The hole was introduced in changeset 1499 and was fixed in changeset 1517. This covers a period from June 15 to July 22.

More information can be found on the Gregarius forums.

Posted by Martey at Jul 23rd 2006, 4:15 am | Filed under: bugs, gregarius | No Comments

Rounded corners

Gregarius has been suffering from a wicked rendering bug in Firefox (everyones favourite browser) and other Gecko browsers. If you had lots of items on a page, certain frames would break and be painted in weird places. We knew that the code to display rounded corners was triggering this behavior and the solution, till now, has been to disable the Rounded Corners plugin.

Rendering-bug-thumbnail

It appears that the exact cause for this bug is in Bugzilla Bug 252241. Please vote for this bug so that it gets some attention. In the mean time we have hacked the rounded corners plugin to work around this bug. You can download the new version by clicking here and overwriting this file onto /rss/plugins/roundedcorners.php. It should be safe to do this even with version 0.5.2.

Why do we love rounded corners? It is because as children we quickly discover that sharp corners hurt us and smooth rounded objects are usually delicious. Mmm… Ever seen kids try to eat smooth pebbles that they find lying around?

Posted by Sameer at Nov 26th 2005, 3:25 am | Filed under: bugs, gregarius, tips | 1 Comment

Security Update

A security hole, which allows for arbitrary code execution, has been recently discovered in the Snoopy web client library, which is bundled with Gregarius.

Only Gregarius installations which are publicly accessible on the Internet, and whose administration area is not password-protected are affected, but to avoid unnecessary risk Gregarius 0.5.2 has been re-released with a fix for this security hole. You are strongly encouraged to upgrade your installation.

You should either:

  • Download the updated release from sourceforge.net: make sure you download either of rss-0.5.2a.tar.gz or rss-0.5.2a.zip, or:

  • Replace the rss/extlib/Snoopy.inc.php file with the fixed version, or:

  • Upgrade your installation using a nightly build.

We apologize for the inconvenience :)

Posted by Marco at Nov 1st 2005, 8:01 pm | Filed under: bugs, gregarius, releases | No Comments

A fix for a buggy query

Ok, so there was a minor sql bug in the main index.php that would slow down rendering of read items in the main page, mea culpa.

The bug was introduced between version 0.3.6 and 0.3.8. If you feel like your gregarius installation has gotten noticeably slower after you upgraded to 0.3.8, this is probably why, and you are encouraged to replace your index.php file with a fixed version, straight from cvs (make sure you’ve got a backup copy of your original file first!)

Fixed index.php.

Posted by Marco at Apr 6th 2005, 10:38 am | Filed under: bugs, gregarius | No Comments

Broken packages on sf.net

As Theo has pointed out the installation packages of the 0.3.2 release were broken. The packages have been re-uploaded and seem to be ok now.

In the meantime, here are the md5 hashes of the fixed installation packages:

11a40b3e0e263caff0aa6a6e03aeada9 rss-0.3.2.tar.gz
8275e7ae3a5de571d344537b7ec584b3 rss-0.3.2.zip
Posted by Marco at Jan 21st 2005, 6:55 pm | Filed under: bugs | No Comments