You are not logged in. Please login or register.
PunBB Forums → News → PunBB 1.2.23
Found new vulnerability in PunBB 1.2, it was related to a bug in the PHP "unserialize" function. It was fixed and the new version of PunBB (1.2.23) has been released! It is recommended that you update your PunBB 1.2.* installation.
Thanks to hcs for report.
Changes from 1.2.22:
Fixed vulnerability in cookie authorization via "unserialize" function.
Visit Downloads page for the PunBB 1.2.23 packages and patches. Or get the latest revision from SVN.
Hi.
There is an error in HDIFF PunBB 1.2.22 to 1.2.23 changes :
punbb-1.2.22/upload/include/functions.php
371: $db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post='.$last_post.', last_post_id='.$last_post_id.', last_poster=\''.$db->escape($last_poster).'\' WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error());is the same as:
punbb-1.2.23/upload/include/functions.php
371: $db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post='.$last_post.', last_post_id='.$last_post_id.', last_poster=\''.$db->escape($last_poster).'\' WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error());MyBestBB premod version updated to 1.2.23 ( http://trac.ww7.be/trac.ww7.be/changeset/403 ), thanks again for providing security upgrades ans hdiff.
I am also looking for the solution of same problem. I searched it a lot and find your thread. please help me too
<jonsteve300>
PunBB Forums → News → PunBB 1.2.23
Powered by PunBB, supported by Informer Technologies, Inc.