Quick Login   
 
Register AdminFusion Tutorials Post Fusion Forum Matrix
 
Go Back AdminFusion » Software & Tech » Software » Invision Power Board » [IPB News] IP.Board 2.3.4 Security Enhancements and DST Bug Fix
Reply
 
LinkBack
Old 03-14-2008, 01:02 AM   #1
Forum Guru
 
Join Date: Sep 2005
Posts: 8,309
Industry News is on a distinguished road
Post [IPB News] IP.Board 2.3.4 Security Enhancements and DST Bug Fix

<b>IP.Board 2.3.4 Security Enhancements and DST Bug Fix</b><br /><br />We are releasing a minor security update to address issues recently reported regarding areas of IP.Board 2.3.4. These security issues are rather low priority and the impact is minimal due to other security features in the software. We would like to thank the users and administrators of <a href="http://www.criticalsecurity.net/" target="_blank">criticalsecurity.net</a> for their help in identifying the issues and testing the patches.<br /><br /><b>Issue</b><br /><br />Nesting custom bbcode in an improper fashion can result in the final HTML result of the bbcode being broken, and subsequently unwanted HTML injected into the tag. If used in specific fashions, a person could inject javascript event handlers into the final result. Additionally, we have added an "allowscriptaccess" parameter to flash movies parsed in IPB to prevent flash movies and avatars from having javascript access. These issues are mitigated due to the use of httpOnly cookies in IP.Board which limits the direct impact.<br /><br />Additionally, we have patched a recent bug with the automated DST checking in IPB that has surfaced since the recent DST changeover.<br /><br /><b>Patching Your IP.Board</b><br /><br />The IP.Board 2.3.4 download in the client area has already been updated with the required changes. If you download IP.Board after the date of this announcement your installation will be up to date.<br /><br /><b>Changed Files</b><br /><br />Download the zip file below which includes only the changed files for this update. Simply upload and overwrite the old files.<br /><br /><a href='http://forums.invisionpower.com/index.php?act=attach&type=post&id=16364'>http://forums.invisionpower.com/index.php?act=attach&type=post&id=16364</a><br />

More...
Industry News is offline   Reply With Quote
Old 03-14-2008, 01:06 AM   #2
Rookie
 
Join Date: Oct 2006
Location: Calgary, AB
Posts: 28
Borghunter is on a distinguished road
Send a message via AIM to Borghunter Send a message via MSN to Borghunter Send a message via Skype™ to Borghunter
TIP: Actually look at what is in that white box you type in. LMAO
__________________

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Borghunter is offline   Reply With Quote
Old 03-14-2008, 09:00 AM   #3
Forum Junkie
 
Jolteon's Avatar
 
Join Date: Feb 2006
Location: Holmfirth, England
Posts: 3,699
Jolteon has a brilliant futureJolteon has a brilliant futureJolteon has a brilliant futureJolteon has a brilliant futureJolteon has a brilliant futureJolteon has a brilliant futureJolteon has a brilliant futureJolteon has a brilliant futureJolteon has a brilliant futureJolteon has a brilliant futureJolteon has a brilliant future
Send a message via MSN to Jolteon
FAILING:
They're doing it right!

__________________
Ack, no currently active projects
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

Jolteon is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

 
Posting Rules

AdminFusion

All times are GMT +1. The time now is 04:31 PM. Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.2.0

© 2009 AdminFusion | Advertising Opportunities | Legal | A member of the Crowdgather Forum Community
 
From:
Title:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77