Go Back   vb.org Archive > News and Announcements > News and Announcements
Reload this Page vBulletin 3.0.6 Critical Update, and a Bug Fix for 3.0.6
FAQ Community Calendar Today's Posts Search

Reply
Page 1 of 4 1 23 Last »
 
Thread Tools Display Modes
  #1  
Old 01-19-2005, 11:04 AM
Erwin's Avatar
Erwin Erwin is offline
 
Join Date: Jan 2002
Posts: 7,604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default vBulletin 3.0.6 Critical Update, and a Bug Fix for 3.0.6
vBulletin 3.0.6 has been released:
http://www.vbulletin.com/forum/showthread.php?t=127027

It fixes an XSS security hold in bbcode parsing so you should at least upload the latest patched /includes/functions_bbcodeparse.php

However, there is a serious bug in the 3.0.6 /includes/functions_bbcodeparse.php file.

This causes this error:

Quote:
Warning: sprintf(): Too few arguments in /includes/functions_bbcodeparse.php on line 327

Unable to add cookies, header already sent.
File: /includes/init.php
Line: 27
This happens when you are trying to view a thread with custom bbcode.

To fix this, do this:

In functions_bbcodeparse.php, find:

PHP Code:
    return sprintf($return$param$option); 
ABOVE IT, ADD:

PHP Code:
    $return preg_replace('#%(?!\d+\$s)#''%%'$return); 


Bug description and fix located here:
http://www.vbulletin.com/forum/bugs....iew&bugid=3678

I'm not sure whether the latest 3.0.6 release has this fix in it so I'm posting this manual fix just in case.
Reply With Quote
  #2  
Old 01-19-2005, 11:11 AM
sabret00the's Avatar
sabret00the sabret00the is offline
 
Join Date: Jan 2003
Location: London
Posts: 5,268
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
just applied
Reply With Quote
  #3  
Old 01-19-2005, 11:21 AM
T3MEDIA T3MEDIA is offline
 
Join Date: Dec 2004
Posts: 944
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
oh man this software is going off the handle. How can I get version 2?
Reply With Quote
  #4  
Old 01-19-2005, 11:23 AM
TTG's Avatar
TTG TTG is offline
 
Join Date: May 2004
Location: Sth London
Posts: 1,042
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Thanks for the info
Reply With Quote
  #5  
Old 01-19-2005, 01:34 PM
Deaths Deaths is offline
 
Join Date: Oct 2004
Location: Europe, Belgium
Posts: 679
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Thanks for the info.

I hate having to update all the time though, can't they make up their mind? Geez...
Reply With Quote
  #6  
Old 01-19-2005, 01:36 PM
yoyoyoyo's Avatar
yoyoyoyo yoyoyoyo is offline
 
Join Date: Dec 2004
Location: USA
Posts: 1,612
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Thanks for the info. It's good to know that I can be safer now with the new patch and this fix. Thanks Erwin!
Reply With Quote
  #7  
Old 01-19-2005, 03:41 PM
the Sandman's Avatar
the Sandman the Sandman is offline
 
Join Date: Aug 2003
Location: Tampa, FL
Posts: 229
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Thanks Erwin!
Reply With Quote
  #8  
Old 01-19-2005, 03:58 PM
Zachery's Avatar
Zachery Zachery is offline
 
Join Date: Jul 2002
Location: Ontario, Canada
Posts: 11,440
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by T3MEDIA
oh man this software is going off the handle. How can I get version 2?
In the members area, there is also no way to go from vB3 to vB2 best to stay where you are.
Reply With Quote
  #9  
Old 01-19-2005, 06:38 PM
mOdEtWo mOdEtWo is offline
 
Join Date: Dec 2003
Location: Norway
Posts: 72
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Hmm, I don't get that error in a thread with custom bb code. And I didn't have the "updated" 3.0.6 version of it either, as I downloaded it half an hour after release yesterday.

Strange?

Anyway, I've applied the "fix".
Reply With Quote
  #10  
Old 01-19-2005, 06:49 PM
Erwin's Avatar
Erwin Erwin is offline
 
Join Date: Jan 2002
Posts: 7,604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Just so people know, CVS version 1.186.2.6 fixes this bug. If you have an earlier version you need to fix this manually.
Reply With Quote
Reply
Page 1 of 4 1 23 Last »

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 03:27 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.06941 seconds
  • Memory Usage 2,257KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_php
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete