Comments on: Security Matters

By: karen patton

karen patton — Fri, 15 May 2009 07:08:24 +0000

this OPEN X ad aware web site just showed up on my computer and i want to know how to remove it. i have no use for it and it’s blocking me from logging onto a favorite website. it asks for an e-mail address and password and i have no idea what they want. help me please.

By: purchasing acomplia

purchasing acomplia — Wed, 29 Apr 2009 11:03:11 +0000

Soft plat! Tot up to favorite

By: Deletium » Blog Archive » Multiple Serious Vulnerabilities in OpenX Ad Server

Wed, 11 Feb 2009 03:37:54 +0000

[...] on Jan. 29, OpenX announced in its own blog that it had released updates to address “a series of potential vulnerabilities of the OpenX Ad Server.” Developing [...]

By: Viktor Hane

Viktor Hane — Thu, 05 Feb 2009 22:02:56 +0000

One of my sites was hacked recently because of this exploit in OpenX. The issues were found on Jan 20 and also blogged by several people before this announcement.

By: David James

David James — Tue, 03 Feb 2009 13:18:19 +0000

Thank you for release & fix bugs. I just upgrade for my site.

By: Serwis Informacyjny Górowo.pl » Archiwa bloga » OpenX 2.6.4 łata odkryte luki bezpieczeństwa

Mon, 02 Feb 2009 06:27:02 +0000

[...] projektu OpenX - otwartego adserwera, udostępnili wersje poprawkowe usuwające szereg luk ujawnionych parę dni temu przez serwis Secunia.com. Wersje [...]

By: Erik Geurts

Erik Geurts — Sun, 01 Feb 2009 14:23:34 +0000

A few weeks ago Google made a change in their URLs used for delivering AdSense ads. The result back then was that OpenX was no longer able to count clicks on AdSense ads.
OpenX have published a patch on the blog, and promised to put that patch into the next regular releases of OpenX:
http://blog.openx.org/12/google-adsense-click-tracking-patch/

However, the time pressure to release this security fix must has meant that the AdSense click tracking patch did not make it into OpenX 2.6.4. Anyone who has applied that patch for version 2.6.3 should do so again for version 2.6.4.

By: Scott Switzer

Scott Switzer — Fri, 30 Jan 2009 17:11:53 +0000

@ville,

Unfortunately, the email was sent to an autoresponder that gets checked every week or so. We became aware of the issue on Tuesday, and released a patch 48 hours later. We do take security issues very seriously, and they immediately go to the ‘top of the list’ once we become aware of them.

I will edit the post and include the link to the original security bulletin - thanks for pointing this out.

Scott

By: OpenX tips by Erik Geurts

OpenX tips by Erik Geurts — Fri, 30 Jan 2009 13:07:33 +0000

OpenX version 2.6.4 released…

OpenX version 2.6.4 was released yesterday. This upgrade is a fix to a security problem that was reported earlier in the week. The OpenX blog has the full story.
Of course, with security issues it’s always important to upgrade all instances as qu…

By: Tom

Tom — Fri, 30 Jan 2009 08:36:29 +0000

Have you also fixed the PEAR parser bug (XML_Parser: no element found at XML input line 1:0 ) that was reported in 2.6.0 but are still there in 2.6.3?

It is still in my error log and in Firefox 3 the page with the widgets doesn’t show up.