| This 34 message thread spans 2 pages: < < 34 ( 1  ) || |
|phpBB 2.0.13 released - Critical Update|
Get it ASAP
| 11:41 pm on Feb 27, 2005 (gmt 0)|
A new version of phpBB has come out and it is a Critical Update.
See the announcement here: [phpbb.com...]
...The first issue is critical (session handling allowing everyone gaining administrator rights) and we urge you to fix it on your forums as soon as possible...
You can download it here: [phpbb.com...]
Just wanted to alert you guys,
| 10:54 pm on Mar 8, 2005 (gmt 0)|
If you're tired of upgrading all the time, look into getting a better forum system, like SMF [simplemachines.org]...
| 3:30 am on Mar 9, 2005 (gmt 0)|
which is what, an upgrade from yabbse? Which is now gone? I have no idea if it's better, might be, might not. All I know is if I'd gone the yabb route I'd be bummed now. Hopefully this new line will stick around a while. Hope so, always good to have more players out there, lowers the risk to any one of them.
| 4:39 am on Mar 9, 2005 (gmt 0)|
SMF replaces YaBB SE. It is much much better than YaBB SE ever was. If you had chosen YaBB SE, you would not be "bummed", because it is quite easy to upgrade from YaBB SE to SMF. Check out [support.simplemachines.org...] - then you can see all the features that SMF has (even from an admin standpoint).
| 9:58 pm on Mar 9, 2005 (gmt 0)|
I'm not criticizing the product, I'm commenting on this:
"If you're tired of upgrading all the time"
Upgrades are required when a security issue is discovered. Hopefully you don't think forum x, y, or z are immune to such issues, and will not require upgrades? Yabb has escaped serious attention because it has fewer installs, once crackers start focusing on a product it's amazing what they can come up with. Last year crackers werent' all that interested in phpbb, this year they are, and so they started finding holes. Don't fool yourself into thinking a product is secure that is live and online on the web. Some of the recent phpbb security fixes were workarounds for php security issues, for example.
What makes me really tired is having to reinstall a forum that's been hacked, db destroyed, so I'll take a small upgrade anytime over that headache, hopefully the new yabb board will take the same approach, release patches fast when security issues come up.
| This 34 message thread spans 2 pages: < < 34 ( 1  ) |