FUDforum 2.7.0 Released

iBlog - Ilia Alshanetsky

Quicksearch

Calendar

Syndicate This Blog

Comments

Tuesday, August 23. 2005

Posted by Ilia Alshanetsky in FUDforum, PHP

Comments (0)
Trackbacks (0)

After a fairly short incubation period, 2.7.0 final is now available for download.
Installation Script
Upgrade Script

The release was made a bit faster then anticipated in response to a rather serious security problem found in the uploaded avatar handling code. All who use FUDforum and allow forum members to upload custom avatars are encouraged to upgrade immediately.

The details of the exploit are not being released at this time, but believe me when I say that the problem is quite serious and you should most definitely upgrade if you use the uploaded avatar functionality.

Aside from the fix for the security problem, this release integrates a number of other changes and improvements, in particular a much improved in terms of speed forum topic view generation code.

The list below inclidues the changes found in the final, that were not present in RC1.

Fixed a number of edge cases where E_NOTICE warnings may be generated.
Unify SQL error handling.
A number of PostgreSQL fixes and computability changes for older PostgreSQL releases.
Fixed topic view skip in upgrade script.
Fixed per-topic show unread and today's posts links.
Added view building validation.
Datadump import fixes for PostgreSQL.
Added support for [ hr ] tag to FUDcode.
Added handlers for situations where mbstring function overload is enabled.
Allow database settings to remain strings, even when they are numbers.

Trackbacks

Trackback specific URI for this entry

No Trackbacks

Comments

Display comments as (Linear | Threaded)

No comments

Add Comment

Frontpage - Top level

Guide to PHP Security