PHP BB Customers

WHFI_Beth · Site Admin Joined: 29 Sep 2004 Posts: 166

Please note all customers using PHP BB or IKON board will be required to use Version 2.0.13 for PHPBB and Version 3.1.2 for IKON Board. We have attempted to notify customers using older versions. Sites that are not updated to the latest software will have PHP/CGI disabled on their site until they preform the upgrade. You may contact techsupport to have PHP re-enabled on your site when you are ready to perform the upgrade.

Previous versions of this software have serioius server exploits and hacks which will allow your site to be exploited and poses a threat to other customers as well.

Sites that are hacked prior to being patched will need to be completely remove the PHP forum and replace with a backup you have made from within your software prior to the hack.

Please use the backup function in your software frequently.

She · Joined: 21 Feb 2005 Posts: 1

The newest release is now phpBB 2.0.12 (as of yesterday). We're not yet able to download it, there is a problem with their sourceforge download.

WHFI_Beth · Site Admin Joined: 29 Sep 2004 Posts: 166

There are again new releases of PHP BB. Please make sure you are patch through 2.0.15

WHFI_Beth · Site Admin Joined: 29 Sep 2004 Posts: 166

Hi everyone,

phpBB Group announces the release of phpBB 2.0.16. This release addresses some bugfixes and one critical security issue. To fix this, please apply the following change:

In viewtopic.php

Find:

$message = str_replace('"', '"', substr(@preg_replace('#(>(((?>([^><]+|(?R)))*)<))#se', "@preg_replace('#b(" . str_replace('\', '\\', $highlight_match) . ")b#i', '\\1', '\0')", '>' . $message . '<'), 1, -1));

Replace with:

$message = str_replace('"', '"', substr(@preg_replace('#(>(((?>([^><]+|(?R)))*)<))#se', "@preg_replace('#b(" . str_replace('\', '\\', addslashes($highlight_match)) . ")b#i', '\\1', '\0')", '>' . $message . '<'), 1, -1));

If your mail program wraps the lines it is advised to get the fix from the official announcement at:

http://www.phpbb.com/phpBB/viewtopic.php?t=302011

We urge you to update as soon as possible. You can of course find this download available on our downloads page (http://www.phpbb.com/downloads.php). As per usual three packages are available to simplify your update.

The Full Package contains entire phpBB2 source and English language package.

The Changed Files Only contains only those files changed from previous versions of phpBB. Please note this archive contains changed files for each previous release.

Patch Files contains patch compatible patches from the previous versions of phpBB.

Select whichever package is most suitable for you.

The changelog (contained within this release) is as follows:

- Fixed critical issue with highlighting - Discovered and fix provided by Ron van Daal

- Url descriptions able to be wrapped over more than one line again

- Fixed bug with eAccelerator in admin_ug_auth.php

- Check new_forum_id for existence in modcp.php - alessnet

- Prevent uploading avatars with no dimensions - Xpert

- Fixed bug in usercp_register.php, forcing avatar file removal without updating avatar informations within the database - HenkPoley

- Fixed bug in admin re-authentication redirect for servers not having index.php as one of their default files set

As always, our Code Changes Tutorial is available too for those with heavily modded boards.

It can be downloaded from http://www.phpbb.com/phpBB/viewtopic.php?t=301712

----

To unsubscribe from this list visit http://www.phpbb.com/lists/?p=unsubscribe&uid=8d9b1ab8e16f7fd74076e79e283b26e3

	Web Hosting For Idiots Forum Index -> Announcements	All times are GMT + 6.5 Hours
Page 1 of 1