2008-10-28, 03:49 AM
2008-10-28, 03:53 AM
2008-10-28, 03:56 AM
(2008-10-28, 03:53 AM)labrocca Wrote: [ -> ]So is this ONLY a security update? What about the fixes from 1.4.2? Are those still in the queue?Of course, they will be fixed in a maintenance release. We won't just forget about people's bug reports and our developer's fixes.
2008-10-28, 04:13 AM
2008-10-28, 04:16 AM
2008-10-28, 04:16 AM
(2008-10-28, 04:13 AM)labrocca Wrote: [ -> ]Well...didn't mean to imply you would forget them but I didn't see a bug list so I was wondering why they weren't included.I was sort of expecting a maintenance release as a lot of bugs are getting marked as fixed recently.In order for us to release a maintenance package we have to test the package extensively to make sure that things were not broken along the way. Meaning it would take longer to patch the security vulnerabilities and we wouldn't want that.
2008-10-28, 04:17 AM
2008-10-28, 04:22 AM
2008-10-28, 04:56 AM
Successfully upgraded to Mybb 14.3. , Thanks to the Mybb Developing Team.
2008-10-28, 04:57 AM
(2008-10-28, 04:22 AM)Demonic Wrote: [ -> ]Also I think might be small minor error you guys should of modified in the "inc/adminfunctions_template.php"
On line 27 wouldn't you replace:
$query = $db->simple_select("templates", "*", "title='$title' AND sid='-2'");
with
$query = $db->simple_select("templates", "*", "title='" . $db->escape_string($title) . "' AND sid='-2'");
Just saying..(No its not a security risk, but it can cause errors if a plugin developer messes up with the title)
A plugin developer can mess up a lot more than that
