ALERT: Xitami 2.5b5

["Matthew Murphy" <mattmurphy () kc rr com>]

I have notified iMatix via support () xitami com of multiple
flaws in the GSL templates of Xitami 2.5 Beta.  The e-mail
was sent out today, so I will release technical details later
on, but I did want to release a workaround:

In defaults.cfg, users can set "use-error-script" in the "[Server]"
section to "0".  This will disable the vulnerable GSL script and
secure your server.  Users who have not installed the Beta 
should wait until a fix is available.

Xitami has no security contact, so I decided to publish this
workaround to avoid exploits of this bug.  In my message to
the company (iMatix) I told them that if no reply was received
in 7 days, I would publish full details.