Dec 26
I only post this because 1) phpBB is so freaking popular, and 2) I recently installed two instances of it at work (so it affects me too).
I first seen the announcement on the Internet Storm Center web site, then I went over to the phpBB website for the “real” announcement.
Anyways, the Changelog for 2.0.22 lists the following:
- [Fix] Check for user’s existence prior to showing email form
- [Fix] New members of moderator groups should always become moderators (Bug #382)
- [Fix] Proper message when replying to non-existant topics (Bug #459)
- [Fix] Changed column type of search_array to store more ids (Bug #4058)
- [Fix] Fixed annoyance with font-size selector (Bug #4612)
- [Fix] Fix optimize line in database updater (Bug #6186)
- [Sec] Check for the avatar upload directory reinforced
- [Sec] Changes to the criteria for “bad” redirection targets - kellanved
- [Sec] Fixed a non-persistent XSS issue in private messaging
- [Sec] Fixing possible negative start parameter - SpiderZ.
- [Sec] Added session checks to various forms - kellanved
Recent Comments