Current time: 04-17-2014, 04:02 AM Hello There, Guest! (LoginRegister)


Discuss: MyBB 1.4.3 Released - Security Update
10-28-2008, 03:49 AM
Post: #11
RE: Discuss: MyBB 1.4.3 Released - Security Update
Updating my BBs using 1.4, thanks.

Cycling Topics
Discuss bicycles and cycling whether road, mountain, bmx, tri and more.
Visit this user's website Find all posts by this user
10-28-2008, 03:53 AM
Post: #12
RE: Discuss: MyBB 1.4.3 Released - Security Update
This user has been denied support. This user has been denied support.
So is this ONLY a security update? What about the fixes from 1.4.2? Are those still in the queue?
Visit this user's website Find all posts by this user
10-28-2008, 03:56 AM
Post: #13
RE: Discuss: MyBB 1.4.3 Released - Security Update
(10-28-2008 03:53 AM)labrocca Wrote:  So is this ONLY a security update? What about the fixes from 1.4.2? Are those still in the queue?
Of course, they will be fixed in a maintenance release. We won't just forget about people's bug reports and our developer's fixes. Smile

pie ._.
Find all posts by this user
10-28-2008, 04:13 AM
Post: #14
RE: Discuss: MyBB 1.4.3 Released - Security Update
This user has been denied support. This user has been denied support.
Well...didn't mean to imply you would forget them but I didn't see a bug list so I was wondering why they weren't included.I was sort of expecting a maintenance release as a lot of bugs are getting marked as fixed recently.
Visit this user's website Find all posts by this user
10-28-2008, 04:16 AM
Post: #15
RE: Discuss: MyBB 1.4.3 Released - Security Update
Am I just late or am I just late LOL, how long this patch been out, just got the email few mins ago.

Do Follow Proxy Directory
Watch House Now Online For Free
Find all posts by this user
10-28-2008, 04:16 AM
Post: #16
RE: Discuss: MyBB 1.4.3 Released - Security Update
(10-28-2008 04:13 AM)labrocca Wrote:  Well...didn't mean to imply you would forget them but I didn't see a bug list so I was wondering why they weren't included.I was sort of expecting a maintenance release as a lot of bugs are getting marked as fixed recently.
In order for us to release a maintenance package we have to test the package extensively to make sure that things were not broken along the way. Meaning it would take longer to patch the security vulnerabilities and we wouldn't want that. Smile

pie ._.
Find all posts by this user
10-28-2008, 04:17 AM
Post: #17
RE: Discuss: MyBB 1.4.3 Released - Security Update
(10-28-2008 04:16 AM)Demonic Wrote:  Am I just late or am I just late LOL, how long this patch been out, just got the email few mins ago.
Look at the time/date of the original post of the announcement.

pie ._.
Find all posts by this user
10-28-2008, 04:22 AM (This post was last modified: 10-28-2008 04:29 AM by Demonic.)
Post: #18
RE: Discuss: MyBB 1.4.3 Released - Security Update
Also I think might be small minor error you guys should of modified in the "inc/adminfunctions_template.php"

On line 27 wouldn't you replace:

PHP Code:
$query $db->simple_select("templates""*""title='$title' AND sid='-2'"); 

with

PHP Code:
$query $db->simple_select("templates""*""title='" $db->escape_string($title) . "' AND sid='-2'"); 

Just saying..(No its not a security risk, but it can cause errors if a plugin developer messes up with the title)

Do Follow Proxy Directory
Watch House Now Online For Free
Find all posts by this user
10-28-2008, 04:56 AM
Post: #19
RE: Discuss: MyBB 1.4.3 Released - Security Update
Successfully upgraded to Mybb 14.3. , Thanks to the Mybb Developing Team.

Smile Smile

Kerala Talkies
Visit this user's website Find all posts by this user
10-28-2008, 04:57 AM
Post: #20
RE: Discuss: MyBB 1.4.3 Released - Security Update
(10-28-2008 04:22 AM)Demonic Wrote:  Also I think might be small minor error you guys should of modified in the "inc/adminfunctions_template.php"

On line 27 wouldn't you replace:

PHP Code:
$query $db->simple_select("templates""*""title='$title' AND sid='-2'"); 

with

PHP Code:
$query $db->simple_select("templates""*""title='" $db->escape_string($title) . "' AND sid='-2'"); 

Just saying..(No its not a security risk, but it can cause errors if a plugin developer messes up with the title)

A plugin developer can mess up a lot more than that Toungue

Dennis Tsang
http://dennistt.net
Find all posts by this user


Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | MyBB | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication