akamu writes:  

The CPG Dev Team is pleased to announce the immediate release of CPG Dragonfly™ CMS 9.0.1. CPG Dragonfly™ CMS 9 series marks a new milestone in our history, enhancing the speed, security, and usability well beyond what we accomplished in CPG-Nuke 8.x. Some key features in 9.0.1 are:

• Caching of commonly used data, such as site config
• Template-based theme system
• LEO (Link Engine Optimization)
• Classes for commonly used objects
• Search engine identification
• New admin control system for more flexibility
• Dragonfly theme
• Coppermine image watermarking
• Group newsletters
• Identification for Mozilla, Firefox, and Safari

Our website has been updated drastically to accommodate for these massive changes. We have added a new bug report system to keep track of bugs in a more organized fashion, allowing them to be fixed sooner. We've added a new Source Documentation in php.net style. Our new Wiki provides useful information as well as tips and tricks for getting the most out of your Dragonfly™ site. This is a final release - it is suitable for production websites. Download Now!

Note: 

Congratulations to all of you. I will try this just ASAP. I know it will be excellent!

nukeevangelist writes:  

The Menalto Gallery-team comes up with 1.4.4 Patch Level 6 [pl 6]: upgrade recommended.

"The recent release of 1.4.4-pl5 was meant to resolve some security problems, however after another analysis of the code the fix did not actually fix what
it was intended to. 1.4.4-pl6 is now available and should properly fix the security problems. Please see the 1.4.4-pl5 announcement for more information about the security problems. All Gallery users are strongly urged to upgrade to 1.4.4-pl6 immediately, which fixes this problem and will secure your system."

Download of v1.4.4.pl 6 Gallery :: get more infos at the Menalto Gallery-team-site

VinDsl has alerted us to yet another crack! Read phpBB Site Cracked, Developers Locked Out for protection using .htaccess. Read PHPBB main site was cracked.

Techgfx writes:  

I have released a security update which came to my attention yesterday. Information relating to the security issue is below. Affected: PHP-Nuke 6.5-7.6 / PHP-Nuke Platinum 6.9.0-7.6.0 / PHP-Nuke Patched 2.8 / phpBB 2.0.11. Description: phpBB administrative variable manipulation can allow illegal server path disclosure. Correction method: Available here

Securing PHP Files using HTTP Authentication By Peter McNulty : 15-01-2005.

It is quite common to have the need to password protect a certain file or a set of files, in order to prevent unauthorized access to those files. There are many different alternatives on how to do this including, sessions, cookies, JavaScript and HTTP authentication. The latter of these is what we are going to concentrate on in this article.

 Read More...

Note: 

For those of you that would like to break down the "mystique" of all this talk on HTTPAuth and CGIAuth, be sure to check this article out!

Do you want to look inside the world of hackers and learn some lessons about how to thwart their attacks on your network? If so, read Notes From Security School at Computerworld.