تالار گفتگوی پارسیلاتک
عمومی => عمومی => نويسنده: وحید دامنافشان در اوت 28, 2013, 02:15:31 am
-
با راهنماییهای آقای دکتر امینطوسی، نرمافزار تالار رو به آخرین نسخه رسمی منتشر شده، بروز کردم. خوشبختانه در جریان بروزسانی، هیچگونه هشدار یا خطایی رخ نداد و این طور که پیداست، در حال حاضر، مشکلی وجود نداره. با این حال، چنانچه با کوچکترین مشکلی در هنگام فعالیت در تالار، برخورد کردید، لطفاً در همین تاپیک، گزارشش کنید.
ممنون
-
وحید جان خسته نباشی هم شما هم آقای امینطوسی
میشه لطفا در مورد اینکه با این تحول چه تغییراتی در تالار بوجود آمده بیشتر توضیح دهید؟
-
ممنونم.
امکانات خاصی به تالار اضافه نشده؛ فقط چند تا باگ و مشکل امنیتی رفع شده. البته خودم حس میکنم یه خورده هم سرعت لود صفحات، بیشتر شده.
changelog مربوط به سه بروزرسانی آخر رو هم میتونید در زیر ببینید:
Changes go downward, months go upward. Please scroll to the bottom for a legend.
Changelog started January 1, 2004; Currently at $Revision: 11057 $.
SMF 2.0.5 August 12 2013
===============================================================================
August 2013
--------------------------------------------------------------------------------
! Updated the WHOIS search URL for RIPE (thanks Runic)
July 2013
--------------------------------------------------------------------------------
! Fixed a problem with upgrade.php that wasn't able to continue after db errors (thanks akc42 for the fix)
! Fixed code injection in manage language pages (thanks HauntIT for the report)
! Fixed XSS in the news page, emails field (thanks HauntIT for the report)
! XSS in personal messages page (thanks HauntIT for the report)
SMF 2.0.4 Febuary 1 2013
===============================================================================
January 2013
--------------------------------------------------------------------------------
! Joshua's fix for validatePasswordFlood logic error (reported by Raz0r)
! Arantor fix for database error on lost connections
! Quick fix for Admin Password Reset vulnerability reported by Raz0r
! Directory traversal vulnerability in the function ViewFile (thanks yan.uniko.102 for reporting and Arantor for proposing the fix and Spuds for spotting the undefined variable)
! active users cannot change anymore the email from action activate without deactivation/confirmation (thanks BarteX for reporting the issueand suggesting a fix)
! Change language from the admin panel could allow XSS, path disclosure and code injection (thanks Jakub Galczyk for reporting the issue)
! Missing arguments in SSI functions called through ?ssi= generated error messages showing full server file path (thanks yan.uniko.102 for reporting it)
! Directory listing and editing of arbitrary files from the theme editing page in the admin panel
SMF 2.0.3 November 16 2012
===============================================================================
December 2012
--------------------------------------------------------------------------------
! SSI showed hidden boards on non-properly configured forums (part 2)
! SSI showed hidden boards on non-properly configured forums
! XSS in moderation log page (thanks kingW3 for the report)
! ManagePaid fails if copies of Subscriptions-Paypal,php are present
November 2012
--------------------------------------------------------------------------------
! PCRE engine starting at rev 8.3, will not allow you to specify the surrogate range D800–DFFF - From Spuds (similar to commit 10994)
! Fixed lacking of check on referer URL when adminLogin comes into play (1.0, 1.1 and 2.0 versions)
! Fixes for paypal moving to HTTP 1.1 [bug 5009]
! update sandbox to use https, the former address results in a redirect
! curl did not work due to improper check
! subscriptions should also check for approved payment
Cherry-picked from git commit 07d4bc9fba8942fd284d3d0c3c732889a7bc2e6f by Spuds
! Fixed the upgrade.php failing when the Themes directory was in a directory other than $boarddir (thanks iacchi for finding the cause)
October 2012
--------------------------------------------------------------------------------
! Applied all the changes proposed by rawlogic to fix the intermittent session verification failures