BeezNest fixes new Chamilo security flaws in 48h

Secunia gave the Chamilo Security team full details of three security flaws detected in version 1.9.4 on Monday the 4th of March 2013. These flaws were detected by Fernando Muñoz, a regular contact for Chamilo in terms of security. We are very grateful for his and Secunia’s work.

Within less than 48 hours, the Chamilo Security team, part of BeezNest‘s development team, has reviewed, patched, published and communicated a fix to its community through the Chamilo wiki and Chamilo Security team’s Twitter account, doing its best effort to inform everyone in time.
In fact, a patch was available within 12h, but it took us some time to go through the right communication channels and make the patch accessible to the greatest number.

Our fast turn around time on this security issue is a reflection of the priority and focus we place on security. Security is more than a side item for us, it’s part of our core principles.

At Chamilo, we embrace security research and show our appreciation to all involved. Thank you for helping us make Chamilo better!

BeezNest offers hosting, development and maintenance services for any Chamilo LMS portal. Feel free to contact us for a quote if you need help. Chamilo is free software and you are absolutely not forced to use our services. We can help you out if you need it, that’s all!

Related Posts

Using Ohloh’s PHP API

I was trying to find out the total contributions to our code, by...

Protected: Demystifying Dokkeos 2.0

There is no excerpt because this is a protected post.


  • Will these patches be inserted in 1.9.6 automatically?

  • Yannick Warnier
    8 March, 2013 at 11:33 pm  - 

    Absolutely! They are already there, but 1.9.6 hasn’t been released yet. We are progressing fast, so I hope we’ll have a first RC by the end of March and a stable version in April.

  • Erm, you know, i like to test and report on the unstable versions, because for the stable ones there are enough 😉

    So i’m gonna update my installations tonight…

Comments are closed.