Go Back   vb.org Archive > News and Announcements > News and Announcements
Reload this Page vBulletin 3.0.5 Released - Critical Update
FAQ Community Calendar Today's Posts Search

Closed Thread
Page 1 of 3 1 23
 
Thread Tools Display Modes
  #1  
Old 01-07-2005, 06:34 AM
assassingod's Avatar
assassingod assassingod is offline
 
Join Date: Jul 2002
Posts: 3,337
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default vBulletin 3.0.5 Released - Critical Update
http://www.vbulletin.com/forum/showthread.php?t=125480

[high]This is a CRITICAL update[/high]

vBulletin 3.0.5 has been released due to a serious security flaw in all vBulletin 3 versions, including 3.0.4

It is a critical update and is recommended you upgrade immediately .

Important information about the vulnerability can be found in the thread, link at the top of this post:

Quote:

Important Warning About Sensitive Data

Due to the nature of the vulnerability discovered in vBulletin 3, and as part of our ongoing effort to maximize security, we must assume that one or all of the vBulletin servers may have been compromised.

Therefore, we would STRONGLY RECOMMEND that any customers who may have submitted sensitive data; such as vBulletin admin control panel or server login details, to Jelsoft staff in the past should take steps to alter these details, so that any information that may have been accessed by an unauthorized party could not be used.
Discussion about the thread is here
  #2  
Old 01-07-2005, 08:50 AM
lasto lasto is offline
 
Join Date: Jan 2002
Posts: 1,514
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
just done the init.php cant be bothered updating again

yep the one for 3.0.5
  #3  
Old 01-07-2005, 09:12 AM
ManagerJosh's Avatar
ManagerJosh ManagerJosh is offline
 
Join Date: Feb 2002
Posts: 348
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by assassingod
http://www.vbulletin.com/forum/showthread.php?t=125480

[high]This is a CRITICAL update[/high]

vBulletin 3.0.5 has been released due to a serious security flaw in all vBulletin 3 versions, including 3.0.4

It is a critical update and is recommended you upgrade immediately .

Important information about the vulnerability can be found in the thread, link at the top of this post:



Discussion about the thread is here
When can we expect the update to be performed here?
  #4  
Old 01-07-2005, 09:42 AM
Mark.B Mark.B is offline
Senior Member
  
Join Date: Feb 2004
Posts: 1,354
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
This is actually a bit of a poor show.

I've just spent three days rehacking my board for the upgrade to 3.0.4 and now I'm expected to do it all again. And for what? So 3.0.6 can be released days later?

This is the second time in succession that a release of vBulletin has effectively been botched. Everyone is congratulating the team on another release, and I am usually very supportive, but on this occasion there's been a big botch, and for the second time running.

The whole point of purchasing forum software instead of using the free programs is that this sort of messing about should not be neccessary.
  #5  
Old 01-07-2005, 09:44 AM
zurih zurih is offline
 
Join Date: Nov 2004
Location: Israel
Posts: 130
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Mark.B
This is actually a bit of a poor show.

I've just spent three days rehacking my board for the upgrade to 3.0.4 and now I'm expected to do it all again. And for what? So 3.0.6 can be released days later?

This is the second time in succession that a release of vBulletin has effectively been botched. Everyone is congratulating the team on another release, and I am usually very supportive, but on this occasion there's been a big botch, and for the second time running.

The whole point of purchasing forum software instead of using the free programs is that this sort of messing about should not be neccessary.
especially when u have a lot of hacks installed.
  #6  
Old 01-07-2005, 10:06 AM
strongy's Avatar
strongy strongy is offline
 
Join Date: Jul 2002
Location: North Wales
Posts: 9
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
again, but i just finished fiddling with hacks, it'll have to wait *uploads that init.php though*
  #7  
Old 01-07-2005, 10:34 AM
Creative Suite's Avatar
Creative Suite Creative Suite is offline
 
Join Date: May 2004
Location: Kuwait :)
Posts: 78
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
woow , We are in era of the speed

, just wanna ask about 3.0.6
  #8  
Old 01-07-2005, 10:36 AM
Montadiat.com's Avatar
Montadiat.com Montadiat.com is offline
 
Join Date: Oct 2004
Location: Kuwait
Posts: 2
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
yeah ,

<<< looking out for 3.0.6
  #9  
Old 01-07-2005, 11:01 AM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
So, the only difference between 3.0.4 and 3.0.5 is init.php ?
  #10  
Old 01-07-2005, 11:13 AM
Erwin's Avatar
Erwin Erwin is offline
 
Join Date: Jan 2002
Posts: 7,604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Mark.B
This is actually a bit of a poor show.

I've just spent three days rehacking my board for the upgrade to 3.0.4 and now I'm expected to do it all again. And for what? So 3.0.6 can be released days later?

This is the second time in succession that a release of vBulletin has effectively been botched. Everyone is congratulating the team on another release, and I am usually very supportive, but on this occasion there's been a big botch, and for the second time running.

The whole point of purchasing forum software instead of using the free programs is that this sort of messing about should not be neccessary.
This is not Jelsoft's fault.

This is a NEW security loophole that is present in ALL vB 3 forums except for the latest version, and is not caused by the release of 3.0.4.

They've just discovered the loophole, that's all. It was already there.

So this has nothing to do with a botched release. It's just coincidental.
Closed Thread
Page 1 of 3 1 23

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 02:09 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04318 seconds
  • Memory Usage 2,252KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete