Firefox PHP

Phorum 5.2.19 released - SECURITY FIX

Posted by Thomas Seifert 
Phorum 5.2.19 released - SECURITY FIX
August 24, 2012 03:47PM
We are happy to announce our latest stable release Phorum-5.2.19.
It is a bug fix release over 5.2.18 fixing some issues reported (including patches, thanks folks!) and other collected changes since the last release.

It also includes a security fix for an XSS issue reported by High-Tech Bridge Security Research Lab in the group moderation screen in the controlcenter. Thanks!

You can download this new release from our downloads page.

This is the excerpt from the changelog:

Fri Aug 24 15:20:02 2012 +0200: Thomas Seifert
* Correction phrase search in non-fulltext mode ( fixes #880 )

Fri Aug 24 15:08:24 2012 +0200: Thomas Seifert
* Removed TYPE= create table options. Default table types should be used wherever possible.

Fri Aug 24 14:37:09 2012 +0200: Thomas Seifert
* fixed possible XSS reported by High-Tech Bridge Security Research Lab

Fri May 25 08:57:17 2012 +0200: Thomas Seifert
* Fix moderator list retrieval

Performance improvements for moderator list (version for 5.2, by GroM)
Thu Mar 8 15:04:14 2012 +0100: GroM
* Performance fix for moderator list (exclude inactive) - DB

Mon Dec 19 14:59:53 2011 +0100: Thomas Seifert
* fixed a fatal error in moderation actions when the message cache is enabled (thanks for the patch to Jurij Kovacic)

Mon Dec 19 14:56:12 2011 +0100: Thomas Seifert
* fixed even logging logviewer

Fri Oct 7 16:28:33 2011 -0500: Brian Moon
* don't include PATH_INFO in the current URL.

Tue Oct 4 00:57:03 2011 +0200: Maurice Makaay
* Fixes for XSS issues in admin interface URLs.


Thomas Seifert
Phorum Development Team / Mysnip-Solutions.de
Custom Phorum and general software development
worry-free Phorum Hosting
Sorry, only registered users may post in this forum.

Click here to login