Differences

punbb13:bugs 2009/04/24 08:26 punbb13:bugs 2012/11/20 17:18 current
Line 14: Line 14:
    * Markup issues in install.php (fixed in [901]).     * Markup issues in install.php (fixed in [901]).
    * Incorrect heading set in profile, reported by [[http://punbb.informer.com/forums/topic/20290/problem-in-profile-change-password/|fantasma]] (fixed in [902]).     * Incorrect heading set in profile, reported by [[http://punbb.informer.com/forums/topic/20290/problem-in-profile-change-password/|fantasma]] (fixed in [902]).
-    * Underline is working as italics ([[http://punbb.informer.com/forums/post/119506/#p119506|post by Garciat]], fixed in [922]).+    * Underline is working as italics ([[http://punbb.informer.com/forums/post/119506/#p119506|post by User33]], fixed in [922]).
    * Incorrect message ''you must copy/upload the file .htaccess from the extras directory'' in forum settings ([[http://punbb.informer.com/forums/topic/20298/incorrect-warning-where-is-the-extras-folder-re-custom-urls/|topic by esupergood]], fixed in [923]).     * Incorrect message ''you must copy/upload the file .htaccess from the extras directory'' in forum settings ([[http://punbb.informer.com/forums/topic/20298/incorrect-warning-where-is-the-extras-folder-re-custom-urls/|topic by esupergood]], fixed in [923]).
    * Make "new hotfixes" message more informative, see [[http://punbb.informer.com/forums/post/119664/#p119664|Forums topic by colak]] for details (fixed in [923]).     * Make "new hotfixes" message more informative, see [[http://punbb.informer.com/forums/post/119664/#p119664|Forums topic by colak]] for details (fixed in [923]).
    * Breadcrumbs: Lack of link on topic subject => no topic permalink at all! (fixed in [924])     * Breadcrumbs: Lack of link on topic subject => no topic permalink at all! (fixed in [924])
-    * Wrong appearing of 'sticky' word in search results, reported by [[http://punbb.informer.com/forums/topic/20292/all-topics-show-locked-in-show-recent-view-bug/|teva and Garciat]] (fixed in [910] and [928]).+    * Wrong appearing of 'sticky' word in search results, reported by [[http://punbb.informer.com/forums/topic/20292/all-topics-show-locked-in-show-recent-view-bug/|teva and User33]] (fixed in [910] and [928]).
===== PunBB 1.3.1 bugs ===== ===== PunBB 1.3.1 bugs =====
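Review bot: the reporter credit in the "Underline is working as italics" and "sticky" entries changes from Garciat to User33 while both link targets stay the same, so the page gives no way to tell whether this is a rename or a correction. Record the reason in the edit summary, and check that the new name matches the author shown on the linked post and topic.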
Line 40: Line 40:
  * Incorrect HTTP response code (503 instead 404) for non-existent pages when SEF is enabled ([[http://punbb.informer.com/forums/topic/21081/rewrite-nonexistent-page-returns-503-instead-of-404-code/|reported by commanche]], fixed in [1118]).   * Incorrect HTTP response code (503 instead 404) for non-existent pages when SEF is enabled ([[http://punbb.informer.com/forums/topic/21081/rewrite-nonexistent-page-returns-503-instead-of-404-code/|reported by commanche]], fixed in [1118]).
===== PunBB 1.3.3 bugs ===== ===== PunBB 1.3.3 bugs =====
 +  * Inverse numbering of previous posts on post preview ([[http://punbb.informer.com/forums/topic/21632/inverse-numbering-of-previous-posts-when-writing-a-new-one/|reported by maststef]], fixed in [1162]).
 +  * Possible XSS vulnerability in profile.php on password and e-mail change (reported by Richard Sammet, fixed in [1164], [[hotfixes|hotfix]] [[http://punbb.informer.com/update/manifest/hotfix_133_xss_attack_in_profile.xml|hotfix_133_xss_attack_in_profile]] released).
 +
 +===== PunBB 1.3.4 bugs =====
 +  * Seems like checking of csrf tokens does not involve correspondent timeout in a right way (fixed in [1325], [[http://punbb.informer.com/forums/post/128539/|fix by bedroom]]).
 +  * FIXME One can't post in a forum if there is only post permission (reported by [[http://punbb.informer.com/forums/topic/21695/error-in-postphp-querry/|Cereal]]).
  * FIXME Unsubscribe CSS issue: http://punbb.informer.com/forums/post/122868/#p122868   * FIXME Unsubscribe CSS issue: http://punbb.informer.com/forums/post/122868/#p122868
-  * FIXME CSS bug in Firefox 1.5, see [[http://punbb.informer.com/forums/post/119723/#p119723|Forums topic by Garciat]] for details. 
  * FIXME Just after installing the 'online' table takes a lot of diskspace on some systems (for example, 1.6 Mb on PHP: 4.4.9, Accelerator: eAccelerator, DB: MySQL Standard 4.1.22; see also a [[http://punbb.informer.com/forums/topic/20394/database-size/|topic on forums]]).   * FIXME Just after installing the 'online' table takes a lot of diskspace on some systems (for example, 1.6 Mb on PHP: 4.4.9, Accelerator: eAccelerator, DB: MySQL Standard 4.1.22; see also a [[http://punbb.informer.com/forums/topic/20394/database-size/|topic on forums]]).
-  * FIXME Seems like checking of csrf tokens does not involve correspondent timeout in a right way. 
  * FIXME Updating script (''admin/db_update.php'') issues?   * FIXME Updating script (''admin/db_update.php'') issues?
 +
 +===== PunBB 1.3.5 bugs =====
 +  * CSS & markup.
 +  * Missing lang entries on language files.
 +  * Correct path and alerts on install.
 +  * Fixed typos and more.
 +
 +===== PunBB 1.3.6 bugs =====
 +  * XSS vulnerabilities described on [[http://punbb.informer.com/forums/post/141236/#p141236]]
 +  * Error with bans in admin/bans.php and profile.php
 +  * Invalid closing tag described on issue [[https://github.com/punbb/punbb/issues/32|#32]].
===== Security issue details ===== ===== Security issue details =====
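Review bot: the 1.3.6 entry "XSS vulnerabilities described on ..." gives no changeset, affected file or hotfix, unlike the 1.3.3 profile.php XSS entry above it, which names the file, the reporter, [1164] and the hotfix; add the same details so administrators can tell which changeset or release they need. The CSRF entry moved under 1.3.4 is now marked fixed in [1325] but keeps the hedged wording "Seems like checking of csrf tokens does not involve correspondent timeout in a right way"; state what the token check did wrong. The new 1.3.4 heading also sits above the unchanged FIXME entries (Unsubscribe CSS, 'online' table size, admin/db_update.php), which moves them out of the 1.3.3 section, and the Firefox 1.5 CSS FIXME is dropped without a fix reference.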
