yet, another security patch released by the G2 project. we’ve started patching all of our G2 installations and should be done with the bulk of it by tommorow night. we’ll be sending a notice to the user mailing list later tonight regarding the latest security patch releases from the Gallery project.

all G2 users should run the following “maintenance tasks” from within “site admin” and it’s good to go.

System information, Delete database/template cache & Optimize database

more about this release at http://gallery.menalto.com/gallery_2.0.2_released

from within the WordPress community, there is much worry whether the publishing platform is vulnerable to the ‘lupper’ worm which exploits a flaw in PHPXMLRPC libraries. a post over at the WordPress development blog verifies that version 1.5.x is on the safe side.

all WordPress sites here at Negimaki are using the 1.5.2 release, and by default we have a global mod_security filter that denies access to xmlrpc.php — however, there are exceptions, mainly for subscribers who use 3rd party blogging tools like w.bloggar (Windows) or ecto (Mac OS X). as always, we’ll keep a lookout of the usual fishy activity just in case something comes up.

all is well after we rebooted to resolve some ipfw (firewall) & disk swapping issues.

it’s been brought to our attention that there’s a few seconds of added latency affecting many Negimaki subdomains, particularly those running Gallery 2 and/or WordPress. this is most likely due to the mod_security filters we have in place, the occasional bottleneck with mySQL and the fact that Gallery 2 is CPU & resource intensive. minus the SHOUTcast DNAS relays we’re sponsoring for JAR (japan-a-radio), our combined outgoing/incoming bandwidth usage is below 512kbps on average, so we’re ok there. we’re “definately” looking forward to a major hardware upgrade we have planned for the 1st quarter of 2006! please bare with us in the meantime!