KSA2006-001

English page

Kahua Release

• Release Note
• Download
• Current Version 1.0.7.3 (2008-05-08)

kahua-web Release

• kahua-webとは
• Release Note
• Download
• Current Version 0.3.1 (2007-06-12)

Security Advisory

• 2006-001

Event Log

• 読書会
• セミナー
• 展示会

Documentation

• About Kahua
• Documents
  • GaucheForKahua
  • Concepts
  • Tutorial
  • Setup
  • Scripts
  • Modules
  • ToDo
• Download
• Application

For developers

• Subversion Repository
• Mailing List
• Developer Web

Site info

• Site Map
• Recent Changes

Related Site

• Kahua HEAD
• Enjoy Gauche

Kahua Security Advisory 2006-001

Discription

Login session are involuntarily shared among several application which refer to different user database.

Impact

In case of using following version and operating several applications(workers) referring to different user database under the same supervisor, you are affected.

• 0.6 or earlier released verison
• earlier than 2006-09-26 CVS version

In case of operateing several applications(workers) under different supervisor or in case of operateing single application(worker), you are not affected.

Revisions

• 2006-09-26 CVS version
• 0.7 released version

Solution

Upgrade Kahua 0.7 or later. Use (kahua-current-user) to check login status.

Evasion

If you avoid upgrading Kahua, you should operate applications under different supervisor.

Change log

• 2006-09-29 Released

Copyright (c) 2003-2007 Kahua Project Contact | About Us