0 Mitglieder und 1 Gast betrachten dieses Thema.
l.i. Changes since 2.0.14 * Fixed moderator status removal in groupcp.php * Removed newlines after ?> on some files - Thoul * Added admin re-authentication (admin needs to login seperatly to access the ACP) - backported from Olympus * Fixed vulnerability in url/bbcode handling functions - PapaDos and Paul/Zhen-Xjell from CastleCops * Fixed issue in admin/admin_forums.php * Suppressed warning message for fsockopen in /includes/smtp.php - Thoul * Fixed bug in admin/admin_smilies.php (admin is able to add empty smilies) - Exy * Adjusted documents to reflect the urgent need to update the files too (not only running the database update script) * Updated the readme file * Added one new language variable * Added general error if accessing profile for a non-existent user * Changed session id generation to be more unique - Henno Joosep * Fixed bug in highlight code to escape characters correctly * Reversed the 2.0.14 fix for postgresql because it produced more problems than it solves. * Added reference to article written by R45 about case-sensitivity in postgreSQL to the readme file * Fixed bypassing of validate_username on registration - Yen * Empty url/img bbcodes no longer get parsedl.ii. Changes since 2.0.13 * Hardened author and keyword search a bit to not allow very server intensive searches * Fixed full path disclosure in bad word parsing * Resetting complete userdata array in session code if authentication fails * Fixed bug in moderator control panel where certain parameters could lead to an "error creating new session" sql error * Fixed bug in session code where empty page ids could lead to an "error creating new session" sql error * Fixed html handling in signatures if html is turned off globally * Fixed install.php problem with PHP5 register_long_arrays option turned off * Fixed potential issues with styling system * Added correct class to login_body template file * Removed file db/oracle.php from package * Removed version number from message body page in /admin (if user is not an admin) - mikelbeck * Fixed case-sensitivity issues in postgres7.php - R45l.iii. Changes since 2.0.12 * Ommitted preg_replace warning in viewtopic due to improper working of preg_quote in PHP - originally reported by matrix_killer, fix submitted by another party * Fixed high severity issue in session handling allowing everyone gaining administrator rights. Please update as soon as possible. * Minimum requirements raised to PHP 4.0.3 or above due to fixing vulnerability issues breaking PHP3 compatibility.l.iv. Changes since 2.0.11 * Added confirm table to admin_db_utilities.php * Prevented full path display on critical messages * Fixed full path disclosure in username handling caused by a PHP 4.3.10 bug - AnthraX101 * Added exclude list to unsetting globals (if register_globals is on) - SpoofedExistence * Fixed arbitrary file disclosure vulnerability in avatar handling functions - AnthraX101 * Fixed arbitrary file unlink vulnerability in avatar handling functions - AnthraX101 * Removed version number from powered by line * Merged database update files to update_to_latest.php file * Fixed path disclosure bug in search.php caused by a PHP 4.3.10 bug (related to AnthraX101's discovery) * Fixed path disclosure bug in viewtopic.php caused by a PHP 4.3.10 bug - matrix_killer
Rancor]Wieso Beschwerden? Hat hier jemand gemotzt dass das Forum down war? :roll:@BrutyDachte das Forum läuft schon auf 2.0.17... :roll:
doch mich un crow hats tierisch angeschissen das das verfluchte drecks huren forum net gingso ne beschissene ficke hab ich schon lange netmehr erlebt :wink:
