phpBBGarage.com

Home Of The phpBB Garage Modification

Skip to content

  • { ANNOUNCEMENTS }
    Replies
    Views
    Last post
  • { ANNOUNCEMENTS }
    Replies
    Views
    Last post

v1.2.0 Beta4 Released

Read me first before posting anywhere!

Moderator: Moderation Team

Post a reply

v1.2.0 Beta4 Released

Postby poyntesm » Wed Dec 05, 2007 4:31 pm

All,

1.2.0 Beta4 is now available. This fixes a SQL injection hole with the browse mode. I HIGHLY URGE all 1.2.0 users to upgrade ASAP.

The hacker is using search engines to find running phpBB Garages and then targeting them.

For a fresh install please down from http://forums.phpbbgarage.com/dload.php ... &cat_id=11

For a upgrade from 1.0.5 please download from http://forums.phpbbgarage.com/dload.php ... &cat_id=10

For a upgrade from 1.2.0 BetaX please just upload all files from tje fresh install ZIP.

Again sorry for the hassle. I hope this is the last security update I have to do. With me not being online as much it meant I was only aware of this issue yesterday. So I am happy enough that a 24 hour window to get a complete fix out the door.

Just also wanted to remind people that BETA software should but be used live. I run it here and I accept that risk, but you need to be fully aware of the risks.

Also please all make sure you have good backups. Mine were only 50% working. My posts/topics were not being backed up for the last year. Which is a real bummer for the site. I have resolved this issue now should I ever need it again.

So please make sure you update your sites ASAP. We phpBB Garage running on 100's of sites it appears the hackers have now spotted us :( but I hope there is no other hole at this time.

Regards
Esmond
User avatar
poyntesm
Development Team
Development Team
 
Posts: 1963
Joined: Thu Dec 29, 2005 1:35 pm
Location: Dublin, Ireland
Top

Postby poyntesm » Thu Dec 06, 2007 4:50 pm

See links below

EDIT: Hmm links removed after I calmed down

The hackers are very quick to spread the word. Please please upgrade to BETA4 ASAP. I do not want anyone else to suffer a hack.
Last edited by poyntesm on Fri Dec 07, 2007 8:36 am, edited 1 time in total.
User avatar
poyntesm
Development Team
Development Team
 
Posts: 1963
Joined: Thu Dec 29, 2005 1:35 pm
Location: Dublin, Ireland
Top

Postby slayer » Thu Dec 06, 2007 11:07 pm

seen those.. SUCKS, but are you sure you want that info listed here incase someone wants to try this out on some un-suspecting board?

i have the files saevd on my HD so i can test my own board... i was going to install phpbb2 and phpbbgarage 1.0.5 (latest) and make sure that is not volnurable.. (unless you have already tested that?)

just 1 thing off your plate if you havent tested the older versions
User avatar
slayer
Moderation Team
Moderation Team
 
Posts: 541
Joined: Thu Dec 29, 2005 5:54 pm
Location: Hamilton, Ontario (Canada)
Top

Postby poyntesm » Fri Dec 07, 2007 8:38 am

Thanks slayer, yeah removed the links.

I have tested 1.0.5 and I am 100% sure its OK. Thanks though.
User avatar
poyntesm
Development Team
Development Team
 
Posts: 1963
Joined: Thu Dec 29, 2005 1:35 pm
Location: Dublin, Ireland
Top
Post a reply

Return to Announcements

Who is online

Users browsing this forum: No registered users and 1 guest

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Time : 0.056s | 16 Queries | GZIP : Off