Phorum-5.2.9 released! Security Upgrade! (1 reply)
2949 Views Published 1 month, 1 week ago in Announcements, Phorum
Therefore we urge all Phorum users to upgrade as soon as possible.
You can download it from our downloads page.
This is the excerpt from the changelog:
2008-10-06 10:13 ts77 * removed "SET CHARACTER SET" query to solve some mysteries in charset support (thanks to Chris who brought this up [www.phorum.org] ) 2008-10-06 10:03 mmakaay * Fixed #806: possible XSS leak plugged. This was reported as a security vulnerability, however we were never able to produce anything more than broken HTML code. Since broken HTML code is not good and because we are rather safe than sorry, this fix was implemented. 2008-10-04 08:55 mmakaay * Fixed "AND" based queries for phorum_api_user_search_custom_profile_field(). Thanks to Phorum user jjarvis98 for noticing the bug and to Azumandias for providing the fix. 2008-09-21 10:10 ts77 * transferring template-arg through the urls (fixing #792), doesn't work with search - essentially breaks search and needs checking therefore 2008-09-21 09:56 ts77 * give a message about this being a moderated forum before redirecting after posting (fixing #775) 2008-09-02 12:13 mmakaay * Fixed the new release detection code. In the admin interface, new releases were not detected by the "Check For New Version" function. 2008-09-01 09:55 mmakaay * Fixed #797: Undefined offset: 0 in api.php in case the message started with a stale BBcode close tag. Thanks to Alexey Torkhov for the problem report. 2008-09-01 09:37 mmakaay * Fixed #796: Undefined index "mod_bbcode_tags" in BBcode module. Thanks to Alexey Torkhov for the heads up. 2008-09-01 07:41 mmakaay * Fixed the classic index style (directory browsing mode) for the classic 0.4 template. It did not yet reflect a change in the datastructures that we use for the index page in Phorum 5.2, causing folders to not show up in that view. 2008-09-01 06:33 mmakaay * Fix for #795: BBcode module needs to explicitly include api.php to define the constants that are used in the settings page. Thanks to Alexey Torkhov for the heads up. 2008-08-27 12:57 ts77 * building the list of forums to move a thread to in the same way as the list of forums in the search form (fixing #729, thx to Oliver Riesen) 2008-08-27 10:09 mmakaay * Fixed #784: missing terminating ] for character class in http_get.php. 2008-08-23 18:31 mmakaay * Fixed #776: phorum_api_user_save() sets the password to "*NO PASSWORD SET*" when calling the function twice (first time to create a user, second time to update, both calls without using a password in the user data). Thanks to Alexey Torkhov for finding and reporting the issue. 2008-08-22 22:55 mmakaay * Fixed #787: BBcode module: end of message end tags for some bbcode tags were not processed correctly. The tag and the text that came before the tag were duplicated at the end of the rendered message. 2008-08-22 21:21 mmakaay * Added "@" as a safe character for the quoted printable encoding requirement check. Otherwise, every mail address will be quoted printable encoded, even if there are no special characters in it. 2008-08-04 17:57 mmakaay * Phorum3 script updated for the new phorum_db_file_save() call in Phorum 5.2. Thanks to Simon King who posted the patch in our support forums.
12 Responses to “Phorum-5.2.9 released! Security Upgrade! (1 reply)”
- 1 Pingback on Nov 30th, 2008 at 1:41 am
Leave a Reply
Search
About This Entry
- You’re currently reading “Phorum-5.2.9 released! Security Upgrade! (1 reply),” an entry on The Staff Lounge
- Published at 11.30.08 / 6am
Related Entries
- Phorum-5.2.7 stable released (no replies) - Phorum
- Phorum-5.2.7-RC1 released (no replies) - Phorum
- Phorum-5.2.8-RC1 released (7 replies) - Phorum
Recent Entries
- Quick Reply / Quick Edit Toolbars - vBulletin 3.7 Add-onsvBulletin Add-ons
- [Request] - vBulletin 3.7 Add-onsvBulletin Add-ons
- Blog 2.0.1 Release Schedule - AnnouncementsvBulletin Fans
Popular Resources
- Phorum-5.2.9a released (6 replies) - 13018 Views
- Phorum-5.2.8 final released (13 replies) - 5922 Views
- Phorum-5.2.9 released! Security Upgrade! (1 reply) - 2949 Views
Powered By
Well you can’t reproduce the xss
Here is the proof : http://i38.tinypic.com/9jk6qc.png
It’s real I’m not just sending fake stuff
Recently, my husband started with the potential problem and our relations are deadlocked.
After all, I love sex … I encouraged him to go to the doctor, and he is afraid.
Maybe someone who will help us, tell of impotence pills and where to buy them anonymously. In advance thank you to all who help!
Sorry if in the wrong section leave a message!
Hello
im new here just saying hello
if this is in the wrong section please mods move to the correct
thanks
hello everyone, I am Cathrine. I’m new here and I just wanted to say hello to everyone, I’ve actually been reading a lot of posts on this forum for a while but this is my first post here
Hello
I have been hearing lately about credit repairing companies and the amount of work they get in their bussiness . One of my sister is running a credit repair bussines , I have talked to himn about the busines but. I need mor information on this so that I cann start my own credit repair business .
Please do suggest your views on this!
Olaf
Billy always convinces me to buy and sell stocks at the perfect time. He must be a billionaire because he always asks me to give some of it up as he probably doesn’t need anymore. When there is a selloff in stocks, he tells me to follow because that’s probably when the market is at its bottom; while the opposite is true too because he always tells me to buy stocks when everyone is optimistic, signaling a top in the stock market.
A few years ago, 2003 to be exact, Billy told me “It’s time to sell your stocks! Look at your negative returns! Cash out your index funds because you should put your money somewhere else!” He is really good because the next few years turned out to be great for the stock market. A couple of days ago when everyone was selling stocks, he tries to convince me again to sell because we needed to join everyone else. He must’ve seen yesterday’s big move up coming.
Billy is truly my friend because he doesn’t want me to suffer the pain that I endure because my stocks are going down. So, when fear is at its maximum signaling a bottom, he convinces me that I should sell just to get me that temporary relief.
Today though, I decided to start ignoring Billy. Although I appreciate his friendship and advice for the past 20 some years, it is not making me rich. In fact, even though he’s a billionaire, I’m still working hard for a living. I have most of my life ahead of me, and I cannot keep listening to him anymore.
I need to think long term for my investments and ignore market fluctuations. I want to be wealthy, but not busy. I want to live happily, and not miserably. I need to stop being silly, and definitely not listen to Billy.
http://www.moneyning.com
Laura K (SOIC)
Hey guys, Im new here so Im gonna get straight to the point and hope to get some good replys
I recently downloaded couple files from limewire and now my computer is acting really messed up, It takes long time to start and after turning on
I get many notifications from my firewall that something is trying to connect to the internet, Im worried if they may be trojans or viruses and
that someone is trying to steal my passwords.
Well thats it, stupid problem and I hope that it has a nice easy solution that you can come up with, Im getting all your replays to my email
so I´ll keep an eye on the topic, take care.
Hi guys,
I recently registered to this forum http://www.staff-lounge.com and hope that you can
give me an advice on the forex - I am looking for an introduction
for beginners. I have already some knowledge about shares. (Hope this is the right category.)
Any help is so much appreciated. Most important question: can a noob make money on the forex?
Thanks,
Jim
Hi
Bye
Hello. It is test.
Hi, just registered today, can someone give me some suggestions on which ebooks or guides are good for newbies like me?