[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: phpbb2.0.19 fixes security issues
From: Paul Laudanski <zx () castlecops ! com>
Date: 2005-12-30 15:29:11
Message-ID: Pine.LNX.4.44.0512301027230.531-100000 () bugsbunny ! castlecops ! com
[Download RAW message or body]
re: http://www.phpbb.com/phpBB/viewtopic.php?t=352966
[Sec] fixed XSS issue (only valid for Internet Explorer) within the url bbcode
[Sec] fixed XSS issue (only valid for Internet Explorer) if html tags are allowed and \
enabled [Sec] added configurable maximum login attempts to prevent dictionary \
attacks
Other fixes:
[Fix] corrected index on session keys table under MS SQL
[Fix] added session keys table to backup
[Fix] delete session keys entries when deleting user
[Fix] changes to support MySQL 5.0
[Fix] changes to some of the admin files to improve efficiency and remove a potential \
error condition when building the menu [Fix] change truncation of username length in \
usercp_register.php - BFUK [Fix] incorrect path to avatars in admin_users.php (Bug \
#667) [Fix] fixed get_userdata to support correct sql escaping (non-mysql dbs) - \
jarnaez [Fix] fixed captcha for those not having the zlib extension enabled
[Change] Placed version information above who is online in admin panel for better \
visual presence
--
Paul Laudanski, Microsoft MVP Windows-Security
[cal] http://events.castlecops.com
[de] http://de.castlecops.com
[en] http://castlecops.com
[wiki] http://wiki.castlecops.com
[family] http://cuddlesnkisses.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic