• Rejestracja
vBHELP.pl - polskie wsparcie vBulletin
+ Odpowiedz w tym wątku
  1. #1
    meschiash Gość

    Domyślnie vB 4.0.2 PathLevel 3

    Dziś ukazał się Path Level 3 dla vBulletin 4.0.3. Poniżej oryginalna informacja z Security Patch Release 4.0.2 PL3
    Security Patch Release 4.0.2 PL3

    Potential XSS vulnerabilities has been identified in vBulletin 4.0.2 PL2 in relation to the CMS content type search widgets (recent threads, recent posts, and general search), and CMS article preview on section pages. We became aware of one XSS issue involving blog titles being displayed incorrectly in a general search widget set to search for recent blog posts. During the QA process testing that issue, we discovered other related vulnerabilities. This was the cause of the delay in an official announcement and patch release. We are issuing a patch release to address these issues.

    The upgrade process is the same as previous patch level releases - simply download the patch from the Members Area, extract the files and upload to your webserver, overwriting the existing files. There is no upgrade script required if you are currently running 4.0.2 PL2. If running 4.0.2 or 4.0.2 PL1 see the details below as the process is slightly different.

    As with all security-based releases, we recommend that all customers upgrade as soon as possible in order to prevent any potential damage resulting from the flaw being exploited.

    There is no need to run an upgrade script if you are already running the latest version (4.0.2 PL2).

    If you are running 4.0.2, or 4.0.2 PL1 you should follow these steps.

    1) Download the 4.0.2 PL3 patch files.
    2) Set your site to be offline.

    3) Make sure your install directory still exists. If not, upload the install directory from your vBulletin package
    to your vBulletin directory, leaving out install/install.php.
    4) Upload the patch files to your vBulletin directory.
    5) Run the url http://your.site.com/vBdirectory/ins...e_402_salt.php
    6) Set your site to be online.

    This will address all PL fixes, including the fixes contained in 4.0.2 PL2. It is not necessary to run any other scripts.

    Visit the Patches section of the vBulletin Members' Area and download the patch for the version you are using, then extract the files from the archive you downloaded, then upload the files to your board via FTP etc., overwriting the existing files. This will update your version to the latest patch release.

    Upgrading from an earlier version

    If you are not already running 4.0.2, 4.0.2 PL1, or 4.0.2 PL2, you should download the latest version (4.0.2 PL3) from the Members' Area and perform an upgrade as normal.

    Full instructions for upgrading vBulletin are available here.


    Download vBulletin 4.0.2 PL3

    As usual, the version released today is available for all customers with valid, active licenses to download from the vBulletin Members' Area.

    vBulletin Members Area
    W skrócie jest to poprawka bezpieczeństwa przed atakiem XSS.

    Instrukcja aktualizacji:
    Jeśli używasz 4.0.2, lub 4.0.2 PL1 to wykonaj następujące czynności:

    1. Pobierz paczkę z path PL3 z members area: http://members.vbulletin.com/patches.php
    2. Wyłącz swoje forum
    3. Upewnij się, że katalog install istnieje. Jeśli nie to załaduj go z oryginalnej paczki pomijając plik install.php
    4. Załaduj przez FTP pliki z paczki z PL3
    5. Uruchom adres http://twoje.forum/install/upgrade_402_salt.php
    6. Włącz swoje forum

    Zaleca się też zmianę haseł adminów i supermoderatorów.



  2. #2
    Marek jest nieaktywny Banned
    Dołączył
    May 2008
    Przegląda
    Where my hat is
    Posty
    0
    Przydatne posty
    26

    Domyślnie

    Ja tam aktualizację zawsze uruchamiam z pliku upgrade.php i nigdy mnie to nie zawiodło. Mało tego, wielokrotnie tak uruchomiona aktualizacja naprawiała błędy poprzedniej próby - np duplikaty zakładek.


Chmurka.pl

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67