|
ibProArcade v2.7.2+ coming
This version fixes the security-problem and will be released within the next 24 hours, after the staff here verified it is ok :)
|
Thanks !!!
|
Many thanks.
Could we also get the patch instructions so that those on older versions can patch up, like last time? |
Can you please provide a list of changes made with 2.7.2+ for those of us with heavily-customized arcades? I would like to just fix the security holes if possible :) Thanks for the quick response to the bugs too!
|
good stuff.
|
For now i disabled ibPro arcade i have tried to uninstall but seem to be not working anyways looking forward for new release ASAP :)
|
Great, thanks!
|
Thanks for the upcoming update.
Could you please explain what the exploit was and what could have happended to our boards? Are passwords unsecure now or could some code be on our pages? Please let us know what we can do to be sure that we are unaffected. Thank you! |
Quote:
Code:
Arcade&do=stats&comment=a&s_id= |
...And just when I'd upgraded to 2.7.1 LOL
Anyway - thanks for the quick response Zero = looking forward to install the new version :) J. |
Quote:
It would be a good idea to change the passwords of all admin accounts on your site if you had this mod installed. |
Quote:
|
Quote:
|
Thanks MentaL.
No entries in my logs. |
Any updates as to when the new version might be released? Thanks!
|
Once again we have no updates to a critical modification. Mr Zeropage implies that the update is with vBulletin.org staff for verification. Could we at least have an update regarding timescales? If there's an issue than fair enough, but as usual with vb these days, we are simply left in the dark.
|
Anxiously awaiting update :) Customer of mine is having a coronary over this, more so, his members ...
|
It would be nice for someone to update us on what on Earth is going on here.
I am not criticising the mod author here incidentally. A statement has been made telling us to pull the most popular modification by many multiples. This then cripples many of our sites, or puts us at risk of being hacked. A further statement is made stating that a patch has been made and will be released within 24 hours. Two and a half days later - no patch, no further statement, abject silence from everyone. If there's a delay in the patch because an issue has been found, then fine - but please tell us. Instead, it seems everyone is content to hammer further nails into the coffin of forums, many of whom are already losing members to Facebook hand over fist. We all gave our members an update and now WE look like we're the ones ignoring THEM, because vbulletin.org is ignoring US. I am not complaining about the lack of a patch - I am complaining about the lack of updates. |
Quote:
|
There was an SQL injection exploit identified for this mod.
After confirming it I quarantined the mod. I have discussed the exploit with the mod author and am waiting for him to upload a fixed version. I am keeping a close eye on this and hope to approve the update as quickly as I can once I get it. |
Thanks for the update. Let's hope the author will update it.
|
Quote:
|
Quote:
It depends on your webhost where to find this file. In this file the webserver logs every call to a file on your server. There you need to search for the text posted by MentaL. If you don't know where to look ask your provider! |
^Found it. Thanks!
|
Oh well, customers don't like to wait ... converted away from IBProArcade, no more waiting.
|
Everything has been looked over and Mrzeropage will release it.
If anyone has a arcade that I have worked on ( There are lots of you guys ).. DO NOT OVER WRITE , Contact me and we will edit them manually .. or all the work that has been done will be lost! If you know how to compare files you can do it yourself.. compare version v2.7.1+ with v2.7.2+ to find the code that needs to be added.. |
Quote:
:confused: |
Quote:
If he has a question he should respond in the quarantine thread or PM me. |
So now everyone is waiting. The coder vor vB, vB for the the coder and we all for both :D
|
all good things come to people who wait ;)
will be release as soome and MrZ has a sec .. life comes first.. then coding |
I don't mind waiting. My members understand. In fact, one of my members told me that since I disabled the Arcade her house has never been cleaner. :)
|
No problem waiting for a fix as long as it makes my site secure :) Gotta fix all those evil holes!
|
<a href="http://www.rfxn.com/projects/linux-malware-detect/" target="_blank">http://www.rfxn.com/projects/linux-malware-detect/</a>
install this btw if you want to scan for shells. Will do setups and scans for a fee. Need root access though. |
Any update on the new release?
J. |
just waiting for approval, should be ok within the next hours ...
sorry for the delay, had technical problems and was offline *damn* now everything back on rails again |
Approved and restored.
|
thanks :)
|
Sweet! I'd just finished adding a ton of games and made a new module block for my forum's newsletter:
https://vborg.vbsupport.ru/external/2012/02/12.png And then BAMN! Arcade modification graveyarded = It was a bit frustrating to be sure. At anyrate - thanks so much! Much appreciation for your fabulous work with this modification MrZeropage!!! Upgrading momentarily... J. |
Quote:
|
Quote:
Hey Jacquii,,if you dont have angry birds,,I know where you can get it.. ;) |
| All times are GMT. The time now is 06:35 AM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|