phpBB Updated. Security issues patched!

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

phpBB has released a security patch to version 2.0.22 which fixes the
latest crop of security issues in it.  You might want to do a remote log in
during the Holiday Time Off to apply the patch to your systems.

Happy holidays to those of you of the Jewish or Christian persuasion !!

Re: phpBB Updated. Security issues patched!

I Hate Form Spams wrote:
Quoted text here. Click to load it

2.0.22 changelog:
# [Fix] Check for user's existence prior to showing email form
# [Fix] New members of moderator groups should always become moderators
(Bug #382)
# [Fix] Proper message when replying to non-existant topics (Bug #459)
# [Fix] Changed column type of search_array to store more ids (Bug
# [Fix] Fixed annoyance with font-size selector (Bug #4612)
# [Fix] Fix optimize line in database updater (Bug #6186)
# [Sec] Check for the avatar upload directory reinforced
# [Sec] Changes to the criteria for "bad" redirection targets -
# [Sec] Fixed a non-persistent XSS issue in private messaging
# [Sec] Fixing possible negative start parameter - SpiderZ.
# [Sec] Added session checks to various forms - kellanved

And now I feel like I've actually conributed to phpBB... the first fix
was a problem I pointed out :)

Site Timeline