CRITICAL BUGFIX RELEASE: phpAdsNew and phpPgAds 2.0.5
A serious security issue has been discovered in our bundled XML-RPC library. This issue allows for possible remote code execution.
We have upgraded the XML-RPC component to the fixed version and released phpAdsNew and phpPgAds 2.0.5.
Every user is urged to upgrade. As a temporary hotfix you can delete your adxmlrpc.php file so that your adserver will not easily allow execution of maliclius XML-RPC method calls.
We are very sorry for this inconvenience and need to point out that many PHP applications using this common XML-RPC implementation are affected by this bug.
Also, the newly added features are:- a workaround to avoid exceeding the 20 cookie limit, which can be enabled inside the invocation settings;
- full support to all MaxMind database types;
- support for transparent Flash banners.
The release contains also some other bug fixes: see the changelog for more details.
07/01/05 06:21:04 - ciaccia