Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Locriani]

The wiki will be down for a bit to patch a critical security flaw (yay, another one!) in the MediaWiki software.  I have no estimate as to length of downtime.

[Warlord255]

Here's to hoping it'll be up soon. Keep up the good work.

[PencilinHand]

The wiki will be down for a bit to patch a critical security flaw (yay, another one!) in the MediaWiki software.  I have no estimate as to length of downtime.

You have my thanks for your efforts, both past and present.

[Box]

If you don't mind my prying, was this a security flaw that would only affect the wiki or could it have been used to target users?

I'm wondering because it isn't often that security flaws are spotted before they are already abused or shown off.   


EDIT: I guess a more direct question would be: what are the extent of the damages, if there were any at all?

[Locriani]

I've disabled login, as it affected that. (It's still enabled, if you know where to look, but please don't log in as the login process is vulnerable)!

Basically, mediawiki had a CSRF flaw that could allow another person to hijack your login.

[tigrex]

Given that it's a wiki about DF, the next time someone enters an incorrect password, the drawbridge will be raised and the magma pumps activated.

[Shades]

Given that it's a wiki about DF, the next time someone enters an incorrect password, the drawbridge will be raised and the magma pumps activated.

Worth the risk then

[Max White]

Oh no, were will I get answers about how to do things so they wont destroy my fortress and result in fun!

[Box]

Oh no, were will I get answers about how to do things so they wont destroy my fortress and result in fun!

The site was up about two hours after the initial post.

So, you've been able to research how to build lavish and expensive noble housing over bottomless pits without any survivors for quite a while now.

Still no login, though.