 |
|
 |
|
- Readme First! -
Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 171 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
|
 iotc247 writes "phpBB 2.0.9 was released.
What has changed in this release?
This changelog is included with all archives:
* Fixed one vulnerability in admin_board.php - Xore
* Added checking for proper session id characters to sessions and viewtopic to prevent injections - Bartlomiej Korupczynski
* Fixed injection vulnerabilities possible with linked avatars
* Implemented unsetting globalised variables
* Limited confirm switch to POST variable in posting
* Changed IP code in common.php to prevent IP spoofing
* Updated visual confirmation mod [pre-edited files]
* Moved obtaining word censors in modcp out of topic generation loop [increased performance/lower query count] - spotted by R45
* Added the ability to link to https/ftps sites using the img bbcode tag
* Fixed user online information in admin/index.php
* Fixed getting group moderator in groupcp.php if running oracle backend - spotted by pakman
* Fixed use of non-existing result variable in modcp (poster_id instead of user_id)
* Fixed several vulnerabilities (XSS, SQL Injection and path disclosure) only possible with register_globals enabled - Matthew C. Kavanagh, Janek Vind
* Fixed problem with SID not delivered to next page in groupcp.php
So now bbtonuke needs to be updated."
|
|
Posted on Monday, July 12 @ 22:43:21 CEST by VinDSL |
|
|
|
|
| |
|
Average Score: 5
Votes: 1
|
|
|
|
|
|
|
| | The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
| No Comments Allowed for Anonymous, please register | | | | | |
|
