PDA

View Full Version : Invision Board 1.1.1 Released!



SSS
02-25-2003, 08:53 AM
Invision Board v1.1.1 has released. It has no new features just bug fixes.

Bugs Fixed:

#47964: Emailer: Parse error when eval PHP/SQL commands
#47611: Mod CP: Incorrect member post counts when approving all posts
#45549: Msg'r: Incorrect message count (-1) can occur fix
#46788: Admin: Removing group moderator, admin logs report name as '-1' fix
#44106: Edit Post: "Queued" bit incorrectly set when editing post fix
#45660: Search: Results as post, preview link does not take to correct page fix
#48214: Quoting Post: QUOTE bugs with embedded quotes fix
#47761: Msg'r: Send message page shows 'use signature for this post' fix
#46803: Admin: Changing member name, email shows incorrect HTML entities
#45824: Admin: Deleting validating members who've posted causes blank member posts fix
#43305: Admin: Trailing slash causes mySQL error in Forum rules
#43657: Admin: Option added to add backticks for SQL exports fix
#45026: Admin: Backslashes in board wrappers vanish fix
#48458: Quoting: +'s mess up quoted names fix
#44907: Admin: Importing tar.php, $root_dir error fix
#43636: Typo: no_sub_id in lang_error.php fix
#44349: Editing: " being converted fix
#48327: Board View: Old code removed to prevent forced error
#48570: Mod CP: Logic error with group permissions, fixed
#xxxxx: PHP 4.3.x + GZIP bug fix

SSS
03-22-2003, 08:59 PM
IMPORTANT!

Quote from Invision Power Board:

It has come to our attention that there is a security vunerability with all versions of Invision Power Board *if* your PHP installation has register_globals set to "on" (again).

The fix is very simple. Just download the attached zip package, unzip and upload the contents (ad_member.php) to your live Invision Power Board installation (ipb/sources/Admin/).

The download distribution has been updated but the version number has not been incremented to protect slow upgraders.

My thanks to those who brought this problem to my attention before releasing the information to "help" sites such as bugtraq.

Download the security vunerability fix from http://forums.invisionpower.com/index.php?...=ST&f=1&t=51540 (http://forums.invisionpower.com/index.php?act=ST&f=1&t=51540)
NOTE:You will need to upgrade to Invision Board 1.1.1 before you download the fix.