Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
MyBB 1.4.5 Released - Maintenance & Security Release
Author Message
RSS Bot
Junior Member


Posts: 22
Joined: May 2009
Reputation: 0
Thanked 0 Times in 0 Posts
MyBux: -80
Post: #1
MyBB 1.4.5 Released - Maintenance & Security Release

MyBB 1.4.5 is now available on the MyBB website and is a general maintenance and security release.

This release fixes over 100 reported issues with version released since 1.4.4 causing some incorrect functionality of MyBB. These bugs have been fixed to provide a more stable version of MyBB for public use.

What's added/changed in this version?
One Low XSS Vulnerability fixed in the ACP - This is tagged as low because it requires administrator permissions. This vulnerability was discovered and reported by ketto93.
Several Low CSRF vulnerabilities fixed in the ACP - These are all low priority because they require extremely rare circumstances and cannot compromise any information. They are only useful in assisting a DDOS attack. These vulnerability were found and fixed internally.
A minor weakness in an algorithm we use for generating a post key was fixed - This is low priority because it requires extensive computing power to even be a problem. This weakness was discovered and reported by frostschutz.
Commas have not been allowed in usernames since MyBB 1.4. They are forcefully removed during the upgrade procedure for MyBB 1.4.5 to ensure compliance and to fix a reported issue. Please inform your users with commas in their usernames of this change.
Lots of speed and stability improvements previously affecting large forums.
... Lots of other bug fixes


This release has been tested by our new Software Quality Assurance group and through a private beta test performed by members of the community. We thank you for making this a fine and stable release.

Information on upgrading, template changes and language changes can be found in the posts below.

Please note, that you need to run the upgrade script for this version.
This is so the templates may be updated.
There are database schema changes in this version.

Reporting MyBB security vulnerabilities
If you think you've found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we've had time to prepare and release a patch.

As always, you can send through security related messages on the MyBB website from the Contact Us page.

Posted on Sat, 18 Apr 2009 23:38:03 -0500 at http://community.mybboard.net/thread-48484.html

06-10-2009 11:18 AM
 


Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  MyBB Merge System 1.0 RC3 Released RSS Bot 1 155 07-09-2009 09:23 PM
Last Post: Design
  Color 2.0 Released Killswitch 14 540 07-09-2009 09:22 PM
Last Post: Design
  MyBB 1.4.8 Released - Maintenance & Security Release RSS Bot 24 654 07-09-2009 02:34 AM
Last Post: cassie
  MyBB 1.4.7 Released - Security Update RSS Bot 8 424 06-17-2009 12:12 PM
Last Post: cscomputing
  MyBB 1.2.13 Released - Security Update RSS Bot 0 78 06-10-2009 11:18 AM
Last Post: RSS Bot
  MyBB 1.4 now running on MyBB Community Forums RSS Bot 0 83 06-10-2009 11:18 AM
Last Post: RSS Bot
  MyBB 1.4 Beta RSS Bot 0 62 06-10-2009 11:18 AM
Last Post: RSS Bot
  MyBB 1.2.14 Released - Security & Maintenance Release RSS Bot 0 75 06-10-2009 11:18 AM
Last Post: RSS Bot
  MyBB 1.4 Released RSS Bot 0 70 06-10-2009 11:18 AM
Last Post: RSS Bot
  MyBB 1.4.1 Released - Maintenance and Security Update RSS Bot 0 70 06-10-2009 11:18 AM
Last Post: RSS Bot



New to MyBBSource?Need Assistance?
  • Mark Forums Read
  • View Forum Staff
  • Looking for a MyBB Host?




Theme created by AK-47. Find more great themes and skins at K! Dezign Web Design
Wordpress Web Design
Youtube Video Free Bet Football Betting R1s