You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 269 guest(s) and 10 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Patch Released
SecurityHi Nukers, A patch for the NC Bundle has been released. and bb 2.0.6 has been released.

Please note this patch includes a file that ANYONE using the 2.0.6 forum, should install. These files are core Nuke/bb files and shouldn't change any modifications you have made to your site, so you can simply overwrite the existing files.

You can get it HERE

If you are not using the Bundle, the only file you need to install is functions.php. It completes the upgrade to 2.0.6. The file which was originally included in the upgrade zip was updated earlier today. The changes to this file are related to the previously mentioned SQL injection, and we believe this should rectify the situation. However, there have been some issues reproducing the injection, so please understand this is a patch based on what we know.

The rest of the files (including functions.php) are for the NC bundle. They correct some parse errors, as well as a problem with "you are not authorized to administer this board" Again just overwrite the existing files, maintaining the dir structure within the zip.

At this time the CVS hasn't been changed, so please DO NOT download the updated files from there, because you will be installing the old files. The CVS will be updated later on today.

As always support for this patch is available in the forums.
Posted on Friday, November 14 @ 08:19:37 CET by IACOJ
 
Related Links
· Computer Cops
· More about Security
· News by IACOJ


Most read story about Security:
PHP-Nuke admin.php security hole - PATCHED

Article Rating
Average Score: 5
Votes: 2


Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad


Options

 Printer Friendly Page  Printer Friendly Page

 Send to a Friend  Send to a Friend

Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register

Re: Patch Released (Score: 1)
by IACOJ on Friday, November 14 @ 08:52:57 CET
(User Info | Send a Message)
Hi folks let me clarify something here, if you are upgrading your forums from 2.0.4 to 2.0.5 and then from 2.0.5 to 2.0.6 you do NOT need to install this patch. The files have already been changed in the 2.0.5-2.0.6 upgrade zip

If you have not updated to 2.0.6 yet it is strongly recommended that you do. A patch to fix these issues at lower levels of bb will not be released, because upgrading to a newer version will resolve the issue.

There was a reference to the bundle made because those particular files were changed and it caused an issue. These files are the core bb files, it is completely safe for anyone using 2.0.6 to overwrite the existing files they have without adversely affecting their site.



Re: Patch Released (Score: 1)
by ajthejuggalo on Friday, November 14 @ 14:47:16 CET
(User Info | Send a Message) http://www.mwjz.com
can we get a changed log of what needs to be changed..i uploaded these files and it HOSED my forums..

id rather do this by hand than overwrite any of my existing files.



Re: Patch Released (Score: 1)
by 5150Joker on Sunday, November 16 @ 04:44:42 CET
(User Info | Send a Message)
I'm a firm believer of "if it ain't broke, dont fix it". I finally got my site working without errors so good luck to anyone that updates and let us know how it goes :)


Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.058 Seconds - 373 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::