vBulletin 3.0.5

Naviga SWZ: Home Page » News
News del 07 Gennaio 05 Autore: Rostor
vBulletin 3.0.5
Rilasciata la nuova versione del più versatile software php per la gestione di Forum. Questa release è considerata CRITICA in virtù del rischio di accesso indesiderato ad i dati sensibili degli utenti ... quindi tutti gli admin che hanno una versione 3.x in funzione (tipo il sottoscritto ) sono invitati ad aggiornare al volo (fatto oggi pomeriggio ... sorry per il down di mezz'ora ) . Comunicato ufficiale :Critical Update The discovery of a serious security vulnerability in versions of vBulletin 3 up to and including 3.0.4 has necessitated the immediate release of a version to plug the hole. The vulnerability affects anyone running vBulletin 3 on PHP 4 with register_globals enabled in php.ini. This is a CRITICAL update, and urge all affected customers to upgrade vBulletin with the utmost urgency. vBulletin 3.0.5 includes all the updates recently released as part of vBulletin 3.0.4, including a long list of fixes for minor annoyances and bugs found since version 3.0.3. If you are unable to upgrade immediately, we recommend that you download the init.php file attached to this message and overwrite the init.php in the includes folder of your existing vBulletin installation. This will patch the flaw. Note that this version supercedes the init.php patch available with the 3.0.4 release. Important Warning About Sensitive Data Due to the nature of the vulnerability discovered in vBulletin 3, and as part of our ongoing effort to maximize security, we must assume that one or all of the vBulletin servers may have been compromised. Therefore, we would STRONGLY RECOMMEND that any customers who may have submitted sensitive data; such as vBulletin admin control panel or server login details, to Jelsoft staff in the past should take steps to alter these details, so that any information that may have been accessed by an unauthorized party could not be used. We would like to reassure our customers that Jelsoft keeps NO RECORD of credit card numbers used in transactions, making it impossible for these details to be discovered or abused. Additionally, steps have been taken and are ongoing to ensure that any potentially leaked data does not contain sensitive data.
14 - Commento/i sul Forum


Categoria: P2P e Web

La Community di SWZone.it

La community con le risposte che cerchi ! Partecipa é gratis !
Iscrizione ForumIscriviti al Forum


Vuoi ricevere tutti gli aggiornamenti di SWZone direttamente via mail ?
Iscrizione NewsletterIscriviti alla Newsletter