Topics

MyBB 1.8.17 is now available, and is a maintenance release. This update fixes several issues introduced by MyBB 1.8.16 such as not being able to log into forums. 11 issues resolved Check Release Notes for a list of changes to language files, templates and unresolved issues. Get latest MyBB Full & Upgrade Packages → Go to mybb.com/security to report possible security concerns or to learn more about security research at MyBB. If you would like to contribute to the Project, Get Involved. Thanks, MyBB Team Continue reading...

MyBB 1.8.18 is now available, and is a security & maintenance release. Changes include added support for Mixer videos and multi-file attachments, modified Word Filter behavior, fixes to the mailing queue and improved compatibility with SQLite and MySQL 8. Theme CSS changes may be required and administrators may need to review Word Filters. 2 security vulnerabilities addressed: High risk: Image MyCode “alt” attribute persistent XSS — reported by Punisher_HF Medium risk: RSS Atom 1.0 item title persistent XSS — reported by 0xB9 30 issues resolved Check Release Notes for a list of changes to language files, templates and unresolved issues. Get lat…

Keeping MyBB boards secure is a team effort. Security issues discovered and reported by external researchers and our core developers are analysed, fixed and included in final packages. The process doesn’t end there however: it is essential that administrators are notified to update their forums as soon as possible in order to prevent the addressed vulnerabilities from being exploited in an attack on their boards and users. Our recently published summaries, recommendations and links to reviewed guides in the SECURITY.md file contain many resources forum administrators can use to secure their boards against both opportunist and experienced digital criminals. First an…

MyBB 1.8.19 is now available, and is a security & maintenance release. This update includes improved compatibility with PostgreSQL and resolves regressions from previous versions. Administrators may need to update CSS code in global.css for customized themes. 4 security vulnerabilities addressed: High risk: Email field SQL Injection — reported by StefanT Medium risk: Video MyCode Persistent XSS in Visual Editor — reported by Numan OZDEMIR of InfinitumIT Low risk: Insufficient permission check in User CP’s attachment management — reported by StefanT Low risk: Insufficient email address verification — reported by StefanT 8 issues resolved Check Re…

Greetings everyone, We are pleased to announce the release of phpBB 3.2.3 "Bertie's long summer". This version is a maintenance release of the 3.2.x branch which fixes various issues reported in previous versions. The fixed issues include, among others, problems when submitting posts with more than one attachment, migrations failing when updating from versions prior to phpBB 3.2.2 and PHP warnings being displayed when editing signatures in the ACP. Notable changes are the dropped support for HHVM (HipHop Virtual Machine) and more prominent links to privacy policy and the terms of use. The full list of changes is available in the changelog file within the docs …

Greetings everyone, We are pleased to announce the release of phpBB 3.2.4 "Bertie's ‘stache". This version is a maintenance and security release of the 3.2.x branch which fixes one security issue and various issues reported in previous versions. The security issue was discovered with a new exploitation technique called Phar deserialization. An attacker with control over a founder admin account could escalate to remote code execution by abusing PHP’s default unserialization of metadata in Phar files. More information about this technique can be found here. In order to fix this issue we’ve removed the ability to define absolute paths in the Admin Control Panel. This …

Greetings everyone, We are pleased to announce the release of phpBB 3.2.5 "Bertie's Secret Santa". This version is a maintenance release of the 3.2.x branch which fixes various issues reported in previous versions. The fixed issues include, among others, a BBCode parsing regression in the generate_text_for_display() function, a missing variable cast on the ACP extensions page, as well as a fix to how the assets version gets appended to JavaScript files included via INCLUDEJS. The full list of changes is available in the changelog file within the docs folder contained in the release package. You can find the key highlights of this release on the wiki at https://wi…

Greetings everyone, We are pleased to announce the release of phpBB 3.2.6 "You Know Nothing, Bertie Snow". This version is a maintenance and security release of the 3.2.x branch which fixes two security issues, introduces further hardening, and resolves various issues reported in previous versions. Previous versions of phpBB allowed users to run searches that might result in long execution times and load on larger boards when using the fulltext native search engine. To combat this, we have now introduced further restrictions on search queries. We’d like to thank Snover for his report and responsible disclosure. The issue has been assigned CVE-2019-9826. In addition…

Greetings everyone, We are pleased to announce the release of phpBB 3.2.7 "Bertie’s Force Field". This version is a maintenance release of the 3.2.x branch which resolves issues reported in previous versions. The fixed issues include, among others, issues with form token validation during login, the inability to change topic types after posting, an issue with viewing private message folders, and potentially incorrectly shortened URL links when using the Issues fixed in 3.2.7 The packages can be downloaded from our downloads page. The development team thanks everyone who contributed code to this release: JoshyPHP, Matt Friedman, mrgoldy, EA117 If you have an…

[HEADING=1]vBulletin 5.5.5 Changes and Updates[/HEADING] vBulletin Connect 5.5.5 is now available for all download customers. vBulletin Cloud customers will have their sites upgraded automatically over the next couple of weeks. All resolved issues can be viewed in our Issue Tracker. [HEADING=1]Front End Changes[/HEADING] [HEADING=2]New Landing Pages[/HEADING] We have added two new page layouts that users can select from when using Site Builder's Quick Setup. These new Home Pages allow you to change the focus of your site with a few clicks. They include: Standard: This is the default home page and the same as the one used in previous vBulletin 5.X versio…

[HEADING=1]vBulletin Mobile Suite 2.2 Changes[/HEADING] The mobile publisher has been updated to build version 2.2 of the vBulletin Mobile Suite Apps within the Mobile Publisher. This release provides a number of feature enhancements and bug fixes for both Android and iOS. [HEADING=1]General Feature Updates[/HEADING] Added better support for RTL languages. Parent/Guardian Support for COPPA has been added. Added support for Firebase Analytics. The Main menu can always be accessed by swiping left from the screen. Accessible features are now displayed in the Main Menu according to the user's permissions. The App Version will now display on the Log…

[HEADING=1]vBulletin 5.5.6 Changes and Updates[/HEADING] A preview release of vBulletin 5.5.6 is now available to download customers. This version contains updates to the content editor and security tools within the software. Pre-release software should not be used on production servers. It is made available for testing purposes only. [HEADING=1]Front End Changes[/HEADING] [HEADING=2]CKEditor Update[/HEADING] The version of CKEditor distributed with vBulletin is now 4.13. This brings the editor up to date with the vendor's distributed version. While the visible functionality will not have changed much, a lot has changed behind the scenes. For more information …

[HEADING=1]vBulletin 5.5.6 Changes and Updates[/HEADING] vBulletin 5.5.6 is now available to download customers. This version contains updates t o the content editor and security tools within the software. [HEADING=1]Front End Changes[/HEADING] [HEADING=2]CKEditor Update[/HEADING] The version of CKEditor distributed with vBulletin is now 4.13. This brings the editor up to date with the vendor's distributed version. While the visible functionality will not have changed much, a lot has changed behind the scenes. For more information on changes p lease see the CKEditor changelog. [HEADING=3]Emoji Support[/HEADING] Emoji are similar to vBulletin's smilie fun…

WoltLab Suite Core Die Gültigkeitsprüfung für Kategorien konnte auf Grund eines Programmierfehlers fehlschlagen. 3.0.19 pl 1+ Continue reading...

Die Downloads für Burning Board 4.0 und die verwandten Produkte bleiben bis zum 1. Juni 2019 verfügbar. Wir bitten ausdrücklich jeden Nutzer, der eine Sicherung dieser Dateien anfertigen möchte, diese nun herunterzuladen und sicher zu speichern. Continue reading...

Burning Board 4.1 erschien am 1. März 2015 und nach fast 4 Jahren endete am 11. Januar 2019, zwei Jahre nach der Veröffentlichung des Nachfolgers WoltLab Suite Forum 5.0, die garantierte Unterstützung dieser Version. Gleichzeitig ist dies aber auch die letzte Version der 4er Versionsreihe, und obwohl die überwältigende Mehrheit bereits die moderne WoltLab Suite einsetzt, möchten wir den Umstieg, im Rahmen einer beschränkten Unterstützung, für die noch verbleibenden Installationen so einfach wie möglich gestalten. Betroffene Produkte Burning Board 4.1 WoltLab Community Framework 2.1 WoltLab Blog 2.1 WoltLab Calendar 2.1 WoltLab Filebase 2.1 WoltLab Gallery …

WoltLab Suite Core Es war auf Grund eines Fehlers nicht möglich, ein bestehende Benutzerkonto mit einem Google-Konto zu verbinden. 2.1 / 3.0 / 3.1 Der Versuch Werbung bzw. Hinweise auf mehrseitigen Auflistung zu sortieren schlug fehl. 3.0 / 3.1 Continue reading...

Das Europäische Parlament stimmte am 26. März 2019 mehrheitlich für die Reform des Urheberrechts im Internet, deren Ziel es ist, ein Leistungsschutzrecht für Presseverleger sowie eine Lizenzierungspflicht für urheberrechtlich geschützte Werke vorzuschreiben. Wir gehen im Folgenden auf die Bedeutung von Artikel 13 bzw. 17 ein und liefern eine Einschätzung zur Auswirkung auf Foren. Artikel 13 bzw. Artikel 17 Artikel 13 des Entwurfs firmiert in der endgültigen Fassung als Artikel 17, ist aber inhaltlich identisch zu dem ursprünglichen Artikel 13. Auf Grund der Verwendung von Artikel 13 im Rahmen der Berichterstattung verwenden wir beide Bezeichnungen parallel, gemein…

AWS submitted a new resource: [plain]Admin Zone Dev Dark[/plain] - [plain]Dark style.[/plain] Read more about this resource...

[rainbow]This is just a test[/rainbow]