CLAROLINE.NET

Several security holes have just been detected in Claroline 1.7.* and 1.6.*

Platform Claroline 1.7.* running PHP in register_globals off or allow_url_fopen off are not vulnerable.

We seriously advise all people using Claroline 1.6 or PHP with register_globals configuration enabled to patch their platform as soon as possible.

More advices on the security of your claroline platform are here.

Download the patches at these addresses :

• Claroline 1.7 : http://www.claroline.net/dlarea/claroline.patch17501.zip
• Claroline 1.6 : http://www.claroline.net/dlarea/claroline.patch16401.zip

How to apply the patch

• Uncompress the zip archive file 'claroline.patch1**01.zip'.
• Copy the 'claroline' directory found inside that archive on the 'claroline' directory already available on your web server.