KTA > News

[Informationen] Forenupdate

(1/4) > >>

Schnoofy:
2.0.3 -> 2.0.4

Soeben haben wir ein Update auf die Version 2.0.4 durchgefuehrt (Ankuendigung von Simple Machine).

Der Changelog:

--- Zitat von: SMF 2.0.4 ---SMF 2.0.4                                                      Febuary 1 2013
===============================================================================

January 2013
--------------------------------------------------------------------------------
 ! Joshua's fix for validatePasswordFlood logic error (reported by Raz0r)
 ! Arantor fix for database error on lost connections
 ! Quick fix for Admin Password Reset vulnerability reported by Raz0r
 ! Directory traversal vulnerability in the function ViewFile (thanks yan.uniko.102 for reporting and Arantor for proposing the fix and Spuds for spotting the undefined variable)
 ! active users cannot change anymore the email from action activate without deactivation/confirmation (thanks BarteX for reporting the issueand suggesting a fix)
 ! Change language from the admin panel could allow XSS, path disclosure and code injection (thanks Jakub Galczyk for reporting the issue)
 ! Missing arguments in SSI functions called through ?ssi= generated error messages showing full server file path (thanks yan.uniko.102 for reporting it)
 ! Directory listing and editing of arbitrary files from the theme editing page in the admin panel
--- Ende Zitat ---

Schnoofy:
2.0.4 -> 2.0.5

Soeben haben wir ein Update auf die Version 2.0.5 durchgefuehrt (Ankuendigung von Simple Machine).

Der Changelog:

--- Zitat von: SMF 2.0.5 ---SMF 2.0.5                                                      August 12 2013
===============================================================================

August 2013
--------------------------------------------------------------------------------
* Fix unsanitised XSS flaw in language editor
* Fix unsanitised XSS flaw in newsletters system
* Fix unsanitised input in personal messages
* Updated RIPE query address, as the old URL is no longer valid
--- Ende Zitat ---

Schnoofy:
2.0.5 -> 2.0.6

Soeben haben wir ein Update auf die Version 2.0.6 durchgefuehrt (Ankuendigung von Simple Machine).

Der Changelog:

--- Zitat von: SMF 2.0.6 ---SMF 2.0.6                                                      October 22 2013
===============================================================================

August 2013
--------------------------------------------------------------------------------
! Added some headers to help protect against clickjacking (thanks Jakob Lell for the report)
! Invalid avatars were not always properly cleaned up (thanks chaoztc for the report)
! Added protection against usernames being impersonated with Unicode space characters (thanks Jakob Lell for the report)
! Sessions weren't always cleaned up properly on logout (thanks creepernex for the report)
! Certain fields were accepted during registration even when they shouldn't be (thanks tomreyn for the report)
! Certain errors were unnecessarily shown during a failed registration and some of those were inappropriate anyway (thanks Labradoodle-360 for the report)
! Approving an account from a member's profile was not logged (thanks emanuele for the report)
! Approving an account from a member's profile did not always properly enforce security rules (thanks emanuele for the report)
! The PHPSESSID injector would also add it to the canonical link, breaking it (thanks to all who reported it)
! An invalid character was indicated in legacy attachment handling
! Under some circumstances the admin panel would not accept the number of verification questions you had entered (thanks BurkeKnight for the report)
! The help pages could sometimes accidentally direct users to non-existing pages (thanks AngelinaBelle for the report and Illori for the fix)
--- Ende Zitat ---

Schnoofy:
2.0.6 -> 2.0.7

Soeben haben wir ein Update auf die Version 2.0.7 durchgefuehrt (Ankuendigung von Simple Machine).

Der Changelog:

--- Zitat von: SMF 2.0.7 ---SMF 2.0.7                                                       January 20 2014
===============================================================================

January 2014
-------------------------------------------------------------------------------
 ! PHP 5.5 compatibility fixes merged in. (Thanks to all who contributed but especially SleePy and Spuds)
 ! Trim the username if oversized when logging in. (Thanks to TMcomputering for the report)
 ! Check that group inheritance is actually going to be viable before trying to do further inquiry. (Thanks to tfs for the report)
 ! Made sure some of the calendar holidays are corrected when previously incorrect.

December 2013
-------------------------------------------------------------------------------
 ! Don't let the prune reports function prune open, or for that matter, ignored, reports. (Reported by Kimmie)
 ! If an uploaded file somehow has an image size but isn't really an image, don't try to treat it as an image.
 ! Make file cache somewhat less fragile.
 ! ssi_fetchPosts didn't honour overriding permissions. (Thanks to IchBin for a fix)
 ! Privacy and original sending time were not kept in the mail queue in the event of sending failure.
 ! Wrong variable used in the mail queue handling (Thanks to Nao for originally finding the bug)
 ! Themes with spaces in could break the editor handling. (Thanks to akyhne for the report and akabugeyes for a suggested fix)
 ! Made the anti-XSS header a little less picky.
 ! FIND_IN_SET wasn't always properly set up for PostgreSQL use.
 ! Multiple installed themes with variants wouldn't all be able to be selected properly.
 ! Fields that are regex-validated couldn't be left empty (thanks HappyBits and emanuele)
 ! Fixing legacy TYPE=HEAP (thanks heusdens for the report)
--- Ende Zitat ---

Schnoofy:
2.0.7 -> 2.0.8

Soeben haben wir ein Update auf die Version 2.0.8 durchgefuehrt (Ankuendigung von Simple Machine).

Der Changelog:

--- Zitat von: SMF 2.0.8 ---SMF 2.0.8                                                       June 18 2014
===============================================================================

June 2014
-------------------------------------------------------------------------------
! Nobbc should work across multiple lines
! Package manager shouldn't fail when only 32M of memory is available
! Quoting posts with smileys in, in the WYSIWYG editor, shouldn't spout nonsense into the editor (in the way certain versions of 2.0.7 did)
! Td tags with a colspan should still function and not consume vast amounts of memory
! Using lots of html bbcode tags when not an admin should not consume vast amounts of memory
! Using queryless URLs, and/or when the PHPSESSID is present, should not consume vast amounts of memory
! Breaking long words should function without consuming lots of memory
! Adding posts with many smileys or bbc with specific parameter types (many times especially) should not consume vast amounts of memory, e.g. term
! Emails should work without consuming vast amounts of memory
! Time tags should work without consuming vast amounts of memory
! The copyright year should be updated
! Board order should always work correctly (if at a performance hit, a la the mod Arantor prepared)
! The memberlist search feature could, in some cases, throw a database error if no valid fields were specified
--- Ende Zitat ---

Navigation

[0] Themen-Index

[#] Nächste Seite

Zur normalen Ansicht wechseln