2008-05-21, 12:38 AM
MyBB 1.2.13 is a security update to the MyBB 1.2 series. It fixes 1 HIGH risk and 1 Medium risk security vulnerability. We recommend everybody upgrades to this release immediately or patches their boards with the manual patching instructions below.
These vulnerabilities affect MyBB 1.2.12 and previous releases of MyBB 1.2. Older versions of MyBB may also be affected.
Thanks to ostro for reporting these vulnerabilities.
MyBB 1.2.12 to MyBB 1.2.13 Patch
This patch is only for users running MyBB 1.2.12. If you are running any other version of the MyBB 1.2 series then please download MyBB 1.2.13 from the MyBB site and update to it.
Please download the attached ZIP archive and replace the files in your forum directory with those from the ZIP archive.
[attachment=9271]
If you wish to manually patch your board please download "mybb_1213_patches.txt" and follow the instructions in that file.
[attachment=9272]
For the upgrade of 1.2.12 to 1.2.13, the upgrader is NOT required -- just replace the files (or modify them as per the manual patch instructions) and you will be set.
Reporting MyBB security vulnerabilities
If you think you've found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we've had time to prepare and release a patch.
As always, you can send through security related messages on the MyBB website from the Contact Us page.
These vulnerabilities affect MyBB 1.2.12 and previous releases of MyBB 1.2. Older versions of MyBB may also be affected.
Thanks to ostro for reporting these vulnerabilities.
MyBB 1.2.12 to MyBB 1.2.13 Patch
This patch is only for users running MyBB 1.2.12. If you are running any other version of the MyBB 1.2 series then please download MyBB 1.2.13 from the MyBB site and update to it.
Please download the attached ZIP archive and replace the files in your forum directory with those from the ZIP archive.
[attachment=9271]
If you wish to manually patch your board please download "mybb_1213_patches.txt" and follow the instructions in that file.
[attachment=9272]
For the upgrade of 1.2.12 to 1.2.13, the upgrader is NOT required -- just replace the files (or modify them as per the manual patch instructions) and you will be set.
Reporting MyBB security vulnerabilities
If you think you've found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we've had time to prepare and release a patch.
As always, you can send through security related messages on the MyBB website from the Contact Us page.