marta ([info]marta) wrote in [info]lj_releases,
2009-09-23 12:52:00

Release 54.1

Changes made in patch release today:
- Modified our crossdomain.xml to disallow cross-domain script access from any flash media
- Re-enabled media embedding from all sites except for the one on which this exploit was hosted

  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    switch

    Your reply will be screened

    Your IP address will be recorded 

     
    Help
  • 19 comments

[info]andy

September 23 2009, 19:57:45 UTC 2 years ago

I LOVE YOU MARTA

[info]intrepia

September 23 2009, 19:59:02 UTC 2 years ago

DEAR LJ STAFF, YOU ROCK. <3333333, ME

[info]bwinter

September 23 2009, 20:03:30 UTC 2 years ago

STAFF ♥ ♥ ♥

[info]exor674

September 23 2009, 20:17:19 UTC 2 years ago

\o/

[info]allah_sulu

September 23 2009, 20:18:31 UTC 2 years ago

Re-enabled media embedding from all sites except for the one on which this exploit was hosted

And, for our own future reference, this site was...?

[info]kiri_l

September 23 2009, 20:45:51 UTC 2 years ago

Yes please. For future surfing reference

[info]sundayave

September 23 2009, 20:55:31 UTC 2 years ago

Yes please the third! Cheers.

[info]sewcute

September 23 2009, 20:57:00 UTC 2 years ago

read back one entry.

[info]silver

September 23 2009, 20:57:09 UTC 2 years ago

It'd be nice to know so it can be added to my hosts file.

[info]marta

September 23 2009, 21:06:08 UTC 2 years ago

It was hosted at a content hosting service that allows users to upload content. We've contacted them with the information to allow them to investigate and remove the content. It's probably overly conservative but I didn't want to provide the domain name publicly until we'd confirmed it was removed.

[info]lied_ohne_worte

September 23 2009, 20:54:03 UTC 2 years ago

Thanks for fighting the good fight!

[info]scaryjeff

September 23 2009, 21:22:08 UTC 2 years ago

*gives the armed monkeys protecting LJ some curry*

[info]beckyzoole

September 23 2009, 21:58:30 UTC 2 years ago

That was fast. Good job, code monkeys!

[info]azurelunatic

September 23 2009, 23:16:07 UTC 2 years ago

[info]hummingwolf

September 24 2009, 00:50:21 UTC 2 years ago

/sends warm fuzzies to the hard-working people of LJ.

[info]shockwave77598

September 24 2009, 16:09:04 UTC 2 years ago

Excellent work you coders! You are truly on the ball today.

[info]doingsoso

September 24 2009, 21:39:44 UTC 2 years ago

Wowsers, you guys moved quick! Thanks for the heads up and the fast resolution.

[info]aotearoagal

September 27 2009, 00:51:19 UTC 2 years ago

What happened to the Preview button when posting entries? And why are entries using the "server" time, what happened to using users' local time?

[info]vtrifonov

November 27 2009, 08:43:04 UTC 2 years ago

Is there any way to get in crossdomain.xml?
I'm making Silverlight client for LJ and need to use proxy server, wich doubles my traffic. Or you can allow SOAP Action to be able to connect your XML-RPC interface ()
It would be nice to access your xml-rpc directly from application.
Create an Account
Forgot your login or password?
Facebook Twitter More login options
English • Español • Deutsch • Русский…