AlphaOne Technology Support Forums
Author Topic: PHPBB Security Alert!  (Read 2281 times)
AlphaWolf
PHPBB Security Alert!
« on: February 23, 2005, 09:09:52 AM »

 K-OTik Security Advisory : KOTIK/ADV-2005-0194
CVE Reference : CAN-2005-0258 - CAN-2005-0259
Rated as : Moderate
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-02-23

 * Technical Description *

Two vulnerabilities were identified in phpBB, and may be exploited by remote attackers to read or delete arbitrary system files. The first flaw is due to an input validation error when handling specially crafted requests to upload avatars, which may be exploited by attackers to read arbitrary system files. The second vulnerability is due to a directory traversal error when handling the "avatarselect" return value, which may be exploited by attackers to unlink arbitrary system files.

 * Affected Products *

phpBB version 2.0.11 and prior

 * Solution *

phpBB version 2.0.12 :
http://www.phpbb.com/downloads.php

 * References *

http://www.k-otik.com/english/advisories/2005/0194
http://idefense.com/application/poi/display?id=204&type=vulnerabilities
http://idefense.com/application/poi/display?id=205&type=vulnerabilities
« Last Edit: February 28, 2005, 12:12:47 PM by AlphaWolf »

AlphaOne Tech Webmaster Resources
http://www.alphaone-tech.com/resources/
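
The second flaw in the advisory above is a selected-avatar value reaching a file deletion without a check that it stays inside the avatar directory. As an added example (not phpBB's code and not part of the original post; the function names, the "gallery" directory and the demo files are constructed), this is a containment check in PHP that runs before unlink():

```php
<?php
// Added example: hypothetical helper names, not phpBB's own code.

// Return the canonical path of $selected if it is a regular file inside
// $galleryDir, or null if the value is malformed or escapes the directory.
function resolve_gallery_avatar(string $galleryDir, string $selected): ?string
{
    if ($selected === '' || strpos($selected, "\0") !== false) {
        return null; // empty value or embedded NUL byte
    }
    $base = realpath($galleryDir);
    if ($base === false) {
        return null;
    }
    // realpath() collapses "..", "." and symlinks; it returns false when
    // the target does not exist.
    $path = realpath($base . DIRECTORY_SEPARATOR . $selected);
    if ($path === false || !is_file($path)) {
        return null;
    }
    // Compare canonical forms, with a trailing separator so a sibling such
    // as "gallery_old" cannot pass as being inside "gallery".
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

// Delete only what resolve_gallery_avatar() accepted.
function delete_gallery_avatar(string $galleryDir, string $selected): bool
{
    $path = resolve_gallery_avatar($galleryDir, $selected);
    return $path !== null && unlink($path);
}

// Constructed demo tree: one gallery image, one file that must survive.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'avatar_demo_' . getmypid();
$gallery = $root . DIRECTORY_SEPARATOR . 'gallery';
mkdir($gallery, 0700, true);
file_put_contents($gallery . DIRECTORY_SEPARATOR . 'smile.gif', 'GIF89a');
file_put_contents($root . DIRECTORY_SEPARATOR . 'config.php', 'constructed');

$values = ['smile.gif', '../config.php', 'x/../../config.php', "smile.gif\0.php"];
foreach ($values as $value) {
    $deleted = delete_gallery_avatar($gallery, $value);
    printf("%-24s %s\n", json_encode($value), $deleted ? 'deleted' : 'refused');
}
$kept = file_exists($root . DIRECTORY_SEPARATOR . 'config.php');
printf("config.php still present: %s\n", $kept ? 'yes' : 'no');
```

The check compares canonical paths rather than filtering "../" out of the input, so encodings or nested sequences that survive a string filter still fail the prefix comparison.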
songdove
Re: PHPBB Security Alert!
« Reply #1 on: February 24, 2005, 09:55:47 PM »

I wonder if this affects PNphpBB2 at all.
apache
Re: PHPBB Security Alert!
« Reply #2 on: February 24, 2005, 10:16:33 PM »

Hey songdove,

I would suggest you check both the phpBB and the PostNuke support forums to be sure.

Thanks,
Apache
songdove
Re: PHPBB Security Alert!
« Reply #3 on: February 25, 2005, 12:37:18 AM »

Yeah, am over at the PNphpBB2 site now and 1.2h will have the security updates in it.

I have a task and a half ahead of me when I go to upgrade however.  But good to know the security fixes will be there.
AlphaWolf
Re: PHPBB Security Alert!
« Reply #4 on: February 25, 2005, 03:25:11 AM »

When will this release be out?

Since we will be moving everyone except two sites off of Alpha 2 by March 13th at the latest (tribforcehq.com being one of those we are holding off on moving as we need to make sure you have fixed the DNS problems by then & that we have a complete listing of all the necessary symlinks). But Alpha 2 will close down permanently by the 20th of March and we have concerns about moving over unsecured sites. Since your site has never previously been a problem even when it was left unsecured a few months back, we would take the chance and move you as long as we had an approximate CLOSE date when the patch would be available and when you could install it.

peace

Wolf
songdove
Re: PHPBB Security Alert!
« Reply #5 on: February 25, 2005, 02:00:52 PM »

The DNS issue has been dealt with by finally being able to move all subdomains to cpanel. Yaaaaaaaaaa. That has also resulted in faster load times for the site (naturally). Our current version of PNphpBB2, 1.2d, didn't have the vulnerability quirk in it that 1.2g does, so we're fine that way for now.

So all subdomains needing symlinking are now in our subdomain list in cpanel.  So that issue is finally where it can be dealt with properly.

As for upgrading PNphpBB2, I've asked about a release date for 1.2h today and am waiting on a response. 

I've also asked if there is any easier way to do the upgrade, as 1.2g demanded that we remove the current skin on the site before completing the upgrade, as it doesn't work with autothemes. I'm hoping that isn't an issue with 1.2h. I may be pulling an all-nighter to get it done too as the existing files have to be removed before the new files are put up. Not fun!

:-(
AlphaWolf
Re: PHPBB Security Alert!
« Reply #6 on: February 25, 2005, 06:59:54 PM »

Ugh - my sympathies Songdove!  We are going through something similar and it IS a nightmare sometimes to upgrade a very customized site.

Glad to hear your DNS is now being handled by us.  All that will mean for you is once we notify you the move for tribforcehq is complete, you will need to change the DNS name servers at the registrar.

peace

Wolf
songdove
Re: PHPBB Security Alert!
« Reply #7 on: February 26, 2005, 06:09:00 PM »

Well, the people over at the PNphpBB2 board aren't being very helpful, treating my situation as if it's child's play. I'm now told the security issues for phpBB version 2.0.12 are considered minor by the PNphpBB2 staff, as apparently, the only major issue was covered by a patch they had to make for 1.2g of PNphpBB2, claiming that 1.2h is only going to be a minor upgrade from 1.2g.

Soooooo, I guess that means I have to try to redo the 1.2g upgrade. I uploaded a nonautotheme skin to all of the subsites last night, so hopefully everything will go smoothly. I can't pull an all-nighter tonight, so this will have to wait till the end of next week. Hopefully it won't take too long to do.
We sacrifice all that we are and all that we love for the greater good, the One above. Visit me at http://tribforcehq.com, http://tribkids.com, http://teshuvatrumpet.org, http://sswat.uni.cc, http://planetlogos.now.nu
AlphaWolf
Re: PHPBB Security Alert!
« Reply #8 on: February 26, 2005, 08:10:09 PM »

Not a problem SongDove - I pulled a moron and failed to check that the time to lives had been altered in all the domains' DNS zones (need to do that 36 hours before a move in server), so we have had to back off and schedule the majority of the Alpha 2 move for late Sunday - Tuesday. We have one customer we are moving on the 10th, so you really have until about the 9th to get it ready.

peace

Wolf