Patching OpenX Source v2.8.9 with v2.8.10 security fixes

In a recent blog post, I wrote about the new OpenX Source version 2.8.10 which has been released for download. I also mentioned that the changes are relatively minor. Completing a full OpenX upgrade procedure is one way to implement the security measures that are contained in version 2.8.10, but if you have sufficient technical skills, it might be an interesting idea to just implement the code changes.

With the help of fellow OpenX specialist Matteo Beccati, here is a ‘diff’ file that details all the code changes that need to be made.

The following notes are extremely important:

  • This is a ‘diff’ file for the changes from version 2.8.9 to 2.8.10 only. Do NOT use this for older versions! Instead, do a full upgrade.
  • This is completely at your own risk. I do not offer any form of support, if you do not know how to implement a ‘diff’ file, do not proceed.
download Download: Patching OpenX Source v2.8.9 to

Version: 1.0
Updated: September 21, 2012
Size: 25.71 KB
Share this on:
  • Twitter
  • LinkedIn
  • Facebook
  • email
About Erik Geurts


  1. The file is missing it’s extension. It’s a compressed file.

    Thanks, José

  2. This is working with php 5.4?

    • This is a patch file for OpenX Source v2.8.9, to apply the changes that were made going forward to v2.8.10. If v2.8.9 works on php 5.4, so will v2.8.10.

  3. Birgir Hrafn Sigurðsson says:


    I’m wondering if I understand you correctly referring to the “diff”-file. Should I diff the files in the ‘diff’.zip file against my 2.8.9 version of OpenX? I have not heard of diff files per se so I just want to ask for clarity.

    Also, why is the OA_VERSION stated as release 2.8.11-rc? Should it not be 2.8.10?

    • Hello Birgir,

      Thanks for your notes. Frankly, if you don’t know how to apply .diff files, then this trick is not for you.

      The reason the file lists the version as 2.8.11-rc is because internally at OpenX they’ve labeled this relative to the next version that will come out after this one (don’t ask me when, or why, I don’t know that).

      Regards, Erik

  4. Hello Erik,

    Great blog!

    I upgraded my OpenX system and it works OK. But, I have a problem with geotargeting.

    I think that the IP database is old because in the same country in two different locations the systems show different banners.

    Do you know anything about this?

    Regards, Franco

    • Hi Franco,

      I think what may be causing this is that you are actually running with an older version of the GeoIP data file, which ships with the download of OpenX Source you get from the OpenX website. You can get a more recent version of the file from the website.

      Best regards, Erik Geurts

      • Thank you for your response. I downloaded a new copy of OpenX 2.8.10 and I reviewed the files. I can see that the GeoIP file in there is from 2009. I downloaded a update of the datafile from MaxMind and everything works OK now.

        Regards, Franco