Nexology Community
 
     
 
   

Go Back   Nexology Community > Support Zone > Security and Release information
Reload this Page phpBB 2.0.13 released - Critical Update -> sigh

Reply
 
LinkBack Thread Tools Display Modes
Old 02-27-2005, 05:59 PM   #1
Family WebHost
 
couchmouse's Avatar
 
Join Date: Feb 2004
Location: USA
Posts: 186
Post phpBB 2.0.13 released - Critical Update -> sigh
Hi everyone,

phpBB Group announces the release of phpBB 2.0.13, the "Beware of the furries" edition. This release addresses two recent security exploits, one of them critical. They were reported a few days after .12 was released and no one is more annoyed than us, having to release a new version in such a short period of time.
Fortunately both fixes are easy and in each case just one line needs to be edited.

The first issue is critical (session handling allowing everyone gaining administrator rights) and we urge you to fix it on your forums as soon as possible:

A second minor issue reported to bugtraq several days ago was the path disclosure bug in viewtopic.php which got fixed by applying the following steps:
Last edited by couchmouse; 02-27-2005 at 06:02 PM.
couchmouse is offline   Reply With Quote
Old 02-27-2005, 06:41 PM   #2
HaveANiceDay
 
middleground's Avatar
 
Join Date: Apr 2002
Location: MacTopia
Posts: 4,167
Damn, just did the .12 on Saturday, time to evaluate other options...getting old..

OK- not that bad...thanks for the headsup
__________________
Every Day Above Ground Is A Good One !!

"A word to the wise ain't necessary -- it's the stupid ones that need the advice." -- Bill Cosby

MiddleGround | MGWebDomains.com | MGWebDomains.net

"With the Heart and Mind united in a single Perfect Sphere." (Neil Peart)
Last edited by middleground; 02-27-2005 at 06:54 PM.
middleground is offline   Reply With Quote
Old 02-27-2005, 09:20 PM   #3
Family WebHost
 
couchmouse's Avatar
 
Join Date: Feb 2004
Location: USA
Posts: 186
yea, this is an easy update. Just don't forget to run the update_to_latest.php in the "install" folder and then delete the "install" folder
couchmouse is offline   Reply With Quote
Old 02-28-2005, 02:46 AM   #4
You and what a
 
RobbieLePommie's Avatar
 
Join Date: Aug 2002
Location: Sydney
Posts: 5,936
Just one line... not too bad LOL
__________________
Rob
----------------------------
For your information, there's a lot more to ogres than people think.
RobbieLePommie is offline   Reply With Quote
Old 02-28-2005, 05:38 PM   #5
Moderator
 
MikeMann's Avatar
 
Join Date: Jun 2002
Location: Los Angeles CA
Posts: 7,532
Quote:
Originally posted by RobbieLePommie
Just one line... not too bad LOL
Actually it's a line in one file and a small block in another

Updating right now.
__________________
Michael Mann

Michael Mann Desktop Publishing
 Me On the Net: Facebook | Twitter

Read My Writing

Need a notary in Los Angeles?
I'm a mobile notary
MikeMann is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT -5. The time now is 10:40 AM.

Contact Us - Hostnexus - Privacy Statement - Top

Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.0 RC1
Copyright ©2001 - 2009, HostNexus