vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   News and Announcements (https://vborg.vbsupport.ru/forumdisplay.php?f=2)
-   -   vBulletin 3.5.5 Released (https://vborg.vbsupport.ru/showthread.php?t=122925)

Marco van Herwaarden 08-03-2006 04:53 PM
vBulletin 3.5.5 Released
 
As posted at vBulletin.com: vBulletin 3.5.5 Released

vBulletin 3.5.5

Following the internal discovery of a potential cross-site scripting flaw, we have decided to put out a preventative security release in order to close the hole before it is exploited.

Although vBulletin 3.6.0 is also released today, we understand that some customers may be reluctant to upgrade immediately to the new version, those people should upgrade to 3.5.5 or use the provided patch to secure their vBulletin installation as soon as possible.

Updating your vBulletin to combat the XSS flaw:

Our primary recommendation for customers is to upgrade to vBulletin 3.6.0, but if you are not ready to do this, you can do one of the following:
  1. Full Upgrade: The best way to fix the problem is to perform a full upgrade, downloading the complete 3.5.5 package from the vBulletin Members' Area and following the regular upgrade instructions.
  2. Patch: A second option is to download the patch files discussed in this thread and upload them to your web server, overwriting the existing files. The patch is available in the Members' Area patch page. If you are not running 3.5.4, you must upgrade completely or use the plugin!
  3. Plugin: The plugin system built into vBulletin 3.5 allows the problem to be fixed with a simple plugin. The install file for this plugin is also attached to this thread and is the easiest way to fix the problem, as it does not require you to upload any files via FTP. The plugin will be automatically removed when you perform your next full upgrade. You can install the plugin by following the instructions here.
Read more at vBulletin.com

Snake 08-03-2006 07:02 PM
Thanks, upgrading now... :)

brvheart 08-03-2006 07:35 PM
upgrading now thank you

Zelos 08-03-2006 08:22 PM
On installing the plugin version; should "allow overwrite" be checked as yes or no?

thedvs 08-03-2006 08:49 PM
thanks

peterska2 08-03-2006 09:32 PM
Quote:
Originally Posted by Zelos
On installing the plugin version; should "allow overwrite" be checked as yes or no?
It shouldn't matter, but really it should be no as you wont have already imported that plugin.

Billspaintball 08-03-2006 11:29 PM
Decisions, decisions....

Upgrade to 3.5.5 just to make sure my hacks work on this version, then to 3.6
or to just go straight to 3.6....

johnstires 08-07-2006 04:41 PM
I am currently running 3.5.4

If I install just the patch or plugin will I still be on version 3.5.4 or will I be now on 3.5.5?

There is a hack I want to use that works for 3.5.5 but not 3.5.4.

Also, If I want can I jump straigh to 3.6 or do i need to upgrade to 3.5.5 first?

Kaezul 08-07-2006 08:17 PM
Quote:
Originally Posted by johnstires
Also, If I want can I jump straigh to 3.6 or do i need to upgrade to 3.5.5 first?
During the 3.6 upgrade process it will bump your version up to 3.5.5, 3.6.0 beta (1, 2, 3, 4), 3.6.0 (RC1, 2, 3), and finally 3.6.0. So you don't need to do any manual upgrading prior to upgrading to 3.6.

The.Knight 08-08-2006 10:21 PM
wow, just upgraded!

principino1984 08-09-2006 11:05 AM
Hi, since is the fist time I'm dealin with vb, how do I have to upgrade? do I have to import all the 4 xml files I downloaded from the members area? (languages, settings etc.)

thanks

Marco

Dunc 08-09-2006 12:49 PM
To upgrade, you need to download the ZIP file from your members area, unzip it, and rename the folder called "upload" to the name of your forum extension e.g. www.yoursite.com/forumextensiongoeshere. Next, upload the folder you just renamed into your public_html directory [if you already have the forums installed and are upgrading then the files will automatically go into this folder]. You must overwrite all the files.

Next, go to http://www.yoursite.com/forumextensi...ll/upgrade.php and follow the instructions.

Be sure to delete config.php.new, install.php and upgrade.php once you have finished.

Joey805 08-11-2006 04:59 PM
When you just upload and overwrite the two patch files, should your version # change? I was at 3.54 and it still shows 3.54 after doing this.

Marco van Herwaarden 08-13-2006 11:39 AM
No, if you are patching, then you are not upgrading, and the version stay the same.

FLMom 08-17-2006 01:24 AM
I have never done this before, I just downloaded the patch, do I need to shut down my site in order to do the patch? I know that is probably a stupid question, but I don't want to mess anything up. I have 3.5.4 now.

peterska2 08-17-2006 01:33 AM
I would always close your site before doing any upgrades or patches. Once you have closed your site, perform the patch steps and once they are complete, reopen your site. It shouldn't take long to do depending on your internet connection speed for uploading the patch files.

FLMom 08-17-2006 01:39 AM
Thanks Kerry-Anne! As always you are very helpful :D I appreciate it!

Paul M 08-17-2006 02:42 AM
The patch is just a few files to upload (to replace existing ones). No real need to close anything, just upload them.

FLMom 08-17-2006 10:59 AM
K Thanks Paul :)

Will.Spencer 08-20-2006 07:57 PM
Do we get anything from upgrading from 3.5.4 to 3.5.5, other than the one security fix in these two files?

peterska2 08-20-2006 09:49 PM
The upgrade is a purely security fix as are all upgrades within a series unless stated otherwise. There is the option for the full upgrade, or for the security patch and you can choose whichever root you wish to go down.

Marco van Herwaarden 08-22-2006 03:32 PM
There are more bugfixes then only the mentioned security fix in 3.5.5.

Just have a look in the bugtracker to see which bugs reported in 3.5.4 where fixed.

KJA4U 08-26-2006 05:24 PM
I upgraded from 3.5.4 to 3.5.5 successfully.
But, Unfortunately, the signature image size limiter plug-in does not work with it.
Can anybody help?

nabeelaejaz 09-03-2006 04:52 AM
After upgrading i am seeing this error while opening posts:

Database error in vBulletin 3.5.0:

Invalid SQL:

SELECT IF(visible = 2, 1, 0) AS isdeleted,


NOT ISNULL(subscribethread.subscribethreadid) AS issubscribed, emailupdate, folderid,
thread.*
FROM raw_thread AS thread

LEFT JOIN raw_subscribethread AS subscribethread ON (subscribethread.threadid = thread.threadid AND subscribethread.userid = 61 AND canview = 1)


WHERE thread.threadid = 351;

MySQL Error : Unknown column 'canview' in 'on clause'
Error Number : 1054
Date : Saturday, September 2nd 2006 @ 10:50:08 PM
Script : http://www.raw.com.pk/forums/showthr...=newpost&t=351
Referrer : http://www.raw.com.pk/forums/
IP Address : 80.227.93.99
Username : beast
Classname : vb_database

bada_bing 09-11-2006 04:35 PM
Where is the plugin for this upgrade. Your original notes says that the plugin is located within this thread and I dont see it anywhere????

Also I am running vb 3.5.3 will this plugin work for that version? What is the proper way to fix the security whole without breaking all my hacks?

Where is the plugin?

Quote:
Originally Posted by bada_bing
Where is the plugin for this upgrade. Your original notes says that the plugin is located within this thread and I dont see it anywhere????

Also I am running vb 3.5.3 will this plugin work for that version? What is the proper way to fix the security whole without breaking all my hacks?

Where is the plugin?
Any help with this please

bada_bing 09-13-2006 02:01 AM
Hello can someone answer this simple question? WHere is the plugin?

yessir 09-13-2006 10:02 AM
Go to vB.com and look in the announcements forum for the 3.5.4 and 3.5.5 releases.

Read those threads. There should be plugins (xml products) available to "patch" your install.


All times are GMT. The time now is 04:51 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01155 seconds
  • Memory Usage 1,770KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (3)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (27)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete