|
النسخه الجديدة : vBulletin Version 3.0.6 ( جديد NEW )
السلام عليكم ورحمة الله ..
تم الان ... صدور النسخه الجديده من الشركه ( www.vbulletin.com/forum ) النسخه الجديدة : vBulletin Version 3.0.6 وقد حلت مشاكل كثيره وجدت في النسخه التي قبلها .. ونزلت ايضاً نسخه جديده للجيل الثاني vBulletin Version 2.3.6 سوف يتم الاعلان عنها في قسم الجيل الثاني ... vBulletin 3.0.6 and 2.3.6 are security and bug fix releases. They fix a recently discovered XSS issue regarding BB code parsing. All versions of vBulletin are vulnerable. The only workaround is to disable BB code parsing in signatures and all forums where untrusted users can post. We strongly urge all customers to upgrade or patch their installations ASAP. At the end of this post, you will find a patch for the security issue for includes/functions_bbcodeparse.php (vBulletin 3) and admin/functions.php (vBulletin 2); overwrite the version on your server with the file in the appropriate zip. I would again like to reiterate that security is of our utmost concern. Recently, there have been several reports of security issues in vBulletin that have prompted the recent releases. We realize that these releases can be a burden on you. For that, we are sorry, but once we have become aware of a security issue, it is our duty to provide a fix to that issue. We are also performing internal security audits and looking into changes to our core systems to prevent issues such as these from occuring in the future. Performance Hit Since PHP 4.3.10 / 5.0.3 Many people have noticed that vBulletin (any a lot of other PHP applications) suddenly started to run significantly slowed than normal after installing PHP 4.3.10 or 5.0.3 in order to patch the security flaw in previous versions of PHP. This cause of this slow-down has been identified as a problem with the unserialize() function in PHP. For more details, see bugs.php.net. Template Changes التمبلت المتغيره From 3.0.5 to 3.0.6 1 editor_toolbar_standard editor_toolbar_wysiwyg Added the "Increase Size / Decrease Size" controls that are in use on vbulletin.com Requires Revert: Yes if you want this functionality pollresults_table Added a conditional that displays "Multiple Choice Poll" for such polls. Requires Revert: Yes if you want this functionality. im_send_msn Added javascript error suppression to hide the error that occurs if you try to use MSN when you are not logged in. Requires revert? No headinclude Change: var SESSIONURL = "$session[sessionurl]"; to var SESSIONURL = "$session[sessionurl_js]"; Requires Revert? Yes to have the proper session hash for javascript links. Files Changed From 3.0.5 to 3.0.6 / attachment.php calendar.php cron.php forumdisplay.php global.php image.php login.php memberlist.php poll.php private.php profile.php search.php showthread.php subscription.php usercp.php /admincp/ attachment.php cronadmin.php forum.php forumpermission.php image.php index.php phrase.php subscriptions.php template.php thread.php user.php usertools.php /archive/ index.php /clientscript/ vbulletin_editor.js vbulletin_stdedit.js vbulletin_templatemgr.js /includes/ adminfunctions_backup.php adminfunctions_language.php adminfunctions_template.php adminfunctions_user.php functions.php functions_bbcodeparse.php functions_cron.php functions_editor.php functions_newpost.php functions_subscriptions.php functions_wysiwyg.php functions_xml.php init.php modfunctions.php sessions.php /modcp/ index.php Bugs Fixed المشاكل التي تم اصلاحها From 3.0.5 to 3.0.6 3586 - Firefox Standard Editor - Increase and Decrease window size does not work 3618 - Wrong "Format For Date" Examples 3612 - "Forum Home Page" Link (Purely Cosmetic) 3478 - SQL Backup produces invalid files 3346 - Mozilla WYSIWYG Editor Adds Extra Spaces 3605 - Typo in private.php 3608 - "Display Age" cannot be translated 3609 - “Birthday Date Format Override” lost when exporting/importing language 3615 - Search by last visit in admincp returns incorrect data 3639 - Multiple choice poll percentages calculated incorrectly 3644 - PM_MESSAGELISTBIT_USER uncached 3647 - Datastore not rebuilt after delete custom phrase 3648 - Scheduled task names double escaped 3630 - Missing phrase activating_registration 3652 - language_files_text phrase missing content 3624 - SQL error when searching FAQ (MySQL 4.1.x) 3654 - Double slashes in URL path break login redirection 3653 - Searching for exact User causes mySQL-Error 3623 - Invalid XHTML (& not & ) 3663 - Add smilies help misdocumented 3620 - POST referrer check broken 3665 - Redirect forums browsable in archive 3667 - Grammar error on user moderation page 3662 - Logging on forum list in archive fails 3660 - Orphaned polls cause JS error on "Who Voted" 3618 - Date format example incorrectly 3612 - Forum home page link in mod CP missing </a> 3640 - Paid Subscription DB error 3366 - Invalid characters not stripped on XML export 3482 - strip_bbcode()/strip_quotes() slow in specific case 3666 - password history only works on the 2nd try 3650 - Uncached templates in forumdisplay.php 3643 - strip_bbcode should remove URL's when checking signature length 3568 - Old versions of Camino show WYSIWYG 3642 - Start Date has no effect in Paid Subscriptions 3421 - Merging users ignores paid subscriptions 3527 - # not added to hex colors in signature 3459 - Alignment tags display in PHP tags 3669 - Holiday system cannot handle Leap Day 3617 - Moderated Posts showing up in admin panel home Possible XSS issue in private.php (fixed previously) Possible XSS with BB code parsing and invalid nesting للإطلاع والفائدة : https://www.vbulletin.com/forum/showthread.php?p=800224 https://www.ebda3yat.com/vb/showthre...p=1207#post1207 |
| الساعة الآن 02:40 PM |
جميع الحقوق محفوظة لـ الشبكة الكويتية
التعليقات المنشورة لا تعبر عن رأي الشبكة الكويتية ولا نتحمل أي مسؤولية قانونية حيال ذلك ويتحمل كاتبها مسؤولية النشر