Patch Released
Date: Friday, November 14 @ 08:19:37 CET
Topic: Security


Hi Nukers, A patch for the NC Bundle has been released. and bb 2.0.6 has been released.

Please note this patch includes a file that ANYONE using the 2.0.6 forum, should install. These files are core Nuke/bb files and shouldn't change any modifications you have made to your site, so you can simply overwrite the existing files.

You can get it HERE

If you are not using the Bundle, the only file you need to install is functions.php. It completes the upgrade to 2.0.6. The file which was originally included in the upgrade zip was updated earlier today. The changes to this file are related to the previously mentioned SQL injection, and we believe this should rectify the situation. However, there have been some issues reproducing the injection, so please understand this is a patch based on what we know.

The rest of the files (including functions.php) are for the NC bundle. They correct some parse errors, as well as a problem with "you are not authorized to administer this board" Again just overwrite the existing files, maintaining the dir structure within the zip.

At this time the CVS hasn't been changed, so please DO NOT download the updated files from there, because you will be installing the old files. The CVS will be updated later on today.

As always support for this patch is available in the forums.





This article comes from NukeCops
http://www.nukecops.com

The URL for this story is:
http://www.nukecops.com/modules.php?name=News&file=article&sid=991