2008-11-27, 07:52 AM
MyBB 1.4.4 is now available on the MyBB website and is a general maintenance and security release.
This release fixes numerous issues with versions released since 1.4.3 and 1.4.2 with some causing incorrect functionality of MyBB. These bugs have been fixed to provide a more stable version of MyBB for public use.
What's added/changed in this version?
MyBB 1.4.3 to MyBB 1.4.4 Patch
This patch is only for users running MyBB 1.4.3. If you are running any other version of the MyBB 1.4 series then please download MyBB 1.4.4 from the MyBB site and update to it.
Please download "mybb_1403_patches.txt" and follow the instructions in that file.
[attachment=11776]
I'd like to thank the community for their amazing contributions to MyBB over the past years:
Information on upgrading, template changes and language changes can be found in the posts below.
Please note, that you need to run the upgrade script for this version. This is so the templates may be updated.
There are database schema changes in this version.
Reporting MyBB security vulnerabilities
If you think you've found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we've had time to prepare and release a patch.
As always, you can send through security related messages on the MyBB website from the Contact Us page.
This release fixes numerous issues with versions released since 1.4.3 and 1.4.2 with some causing incorrect functionality of MyBB. These bugs have been fixed to provide a more stable version of MyBB for public use.
What's added/changed in this version?
- Low CSRF Weakness fix - This vulnerability was discovered and reported by NBBN.
- Brute Force protection has been enhanced in MyBB 1.4.4 by adding CAPTCHA protection after 3 attempts at logging in.
MyBB 1.4.4 does not provide a separate setting for this as it is hard coded to reduce complexities in this maintenance release. MyBB 1.6 will however, feature a separate setting to manage its behavior.
- Ability to turn off Codepress template editing via ACP Preferences
- New plugin hook at beginning of editpost.php
- ... Lots of other bug fixes
MyBB 1.4.3 to MyBB 1.4.4 Patch
This patch is only for users running MyBB 1.4.3. If you are running any other version of the MyBB 1.4 series then please download MyBB 1.4.4 from the MyBB site and update to it.
Please download "mybb_1403_patches.txt" and follow the instructions in that file.
[attachment=11776]
I'd like to thank the community for their amazing contributions to MyBB over the past years:
- All of the developers we've had work on 1.4 for building a very stable release of MyBB and putting in the grueling hours to make sure the end product works correctly.
- Our new Software Quality Assurance team, whom have risen to the challenge of extensively testing each and every change put forth into the code that runs your forum. We hope you will see the benefits of this new team grow as we expand and perfect our QA processes.
- The support team for their extensive knowledge of MyBB and the relentless and excellent support you provide to our users.
- The translators - you guys have done an amazing job bringing MyBB to your locality. Your work is very appreciated; especially by the communities that you have been able to create because of it!
- The beta testers who without, your forum would never have been as stable as it is today.
- The modification and theme community who have pushed the creative and technological boundaries of MyBB to it's limits.
- And most importantly: You. Without you MyBB would not be what it is today. So I thank you for helping create MyBB and sticking with us, even when things didn't always go perfectly.
Information on upgrading, template changes and language changes can be found in the posts below.
Please note, that you need to run the upgrade script for this version. This is so the templates may be updated.
There are database schema changes in this version.
Reporting MyBB security vulnerabilities
If you think you've found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we've had time to prepare and release a patch.
As always, you can send through security related messages on the MyBB website from the Contact Us page.