|
Actualizacion a phpBB 2.0.12 released |
|
|
|
Noticias -
noticias - seguridad/alertas
|
|
escrito por Dabo
|
|
Tuesday, 22 de February de 2005 |
Hola amigos, desde phpBB.com nos informan de una nueva versión de los foros que soluciona muchos de los problemas de seguridad encontrados, sobre todo con versiones de PHP 4.3.10
Cambios y mejoras introducidas
- Added confirm table to admin_db_utilities.php
- Prevented full path display on critical messages
- Fixed full path disclosure in username handling caused by a PHP 4.3.10 bug - AnthraX101
- Added exclude list to unsetting globals (if register_globals is on) - SpoofedExistence
- Fixed arbitrary file disclosure vulnerability in avatar handling functions - AnthraX101
- Fixed arbitrary file unlink vulnerability in avatar handling functions -AnthraX101
- Removed version number from powered by line
- Merged database update files to update_to_latest.php file
- Fixed path disclosure bug in search.php caused by a PHP 4.3.10 bug (related to AnthraX101's discovery)
- Fixed path disclosure bug in viewtopic.php caused by a PHP 4.3.10 bug - matrix_killer
toda la información aquí >>>>>>
A parchear amigos/as
Saludos, Dabo
|
--
--
