vBulletin 3.0.4
This version has been superceded by vBulletin 3.0.5.
Please visit the 3.0.5 release announcement.
Happy New Year, and welcome to vBulletin 3.0.4.
This is not the major version release that has been rumoured for the past several weeks, although work on that version is progressing nicely. Instead, vBulletin 3.0.4 represents a roll-up of a large number of fixes for bugs found in version 3.0.3.
Importantly, with the 'Santy' worm currently scouring the internet for vulnerable servers, this release also preempts various vulnerabilities in PHP itself, and closes a hole in vBulletin that could potentially allow SQL injection. Additionally, we have altered the code in order to prevent POST requests being made from off-site forms, preventing malicious and mischevious self-submitting forms from affecting vBulletin installations.
Therefore, we recommend that all customers running vBulletin 3 upgrade to version 3.0.4 as soon as possible.
We would also remind you that PHP should be upgraded to at least version 4.3.10 or 5.0.3 to avoid recently published vulnerabilities.
Backing Up Your Forums
Please be sure to check your backups, that they are complete before continuing with an upgrade. We had reports that PHP was causing time out errors when creating the back up SQL, and this was causing for incomplete or corrupted backups. The safest way to do a backup is to use the mysqldump utility through SSH/Telnet, as it will not suffer from any such problems. Full instructions for backing up your database are available in the vBulletin 3 Manual.
Installing or Upgrading vBulletin
Please see the appropriate manual sections: Installing vBulletin and Upgrading vBulletin.
This version has been superceded by vBulletin 3.0.5.
Please visit the 3.0.5 release announcement.
Happy New Year, and welcome to vBulletin 3.0.4.
This is not the major version release that has been rumoured for the past several weeks, although work on that version is progressing nicely. Instead, vBulletin 3.0.4 represents a roll-up of a large number of fixes for bugs found in version 3.0.3.
Importantly, with the 'Santy' worm currently scouring the internet for vulnerable servers, this release also preempts various vulnerabilities in PHP itself, and closes a hole in vBulletin that could potentially allow SQL injection. Additionally, we have altered the code in order to prevent POST requests being made from off-site forms, preventing malicious and mischevious self-submitting forms from affecting vBulletin installations.
Therefore, we recommend that all customers running vBulletin 3 upgrade to version 3.0.4 as soon as possible.
We would also remind you that PHP should be upgraded to at least version 4.3.10 or 5.0.3 to avoid recently published vulnerabilities.
Backing Up Your Forums
Please be sure to check your backups, that they are complete before continuing with an upgrade. We had reports that PHP was causing time out errors when creating the back up SQL, and this was causing for incomplete or corrupted backups. The safest way to do a backup is to use the mysqldump utility through SSH/Telnet, as it will not suffer from any such problems. Full instructions for backing up your database are available in the vBulletin 3 Manual.
Installing or Upgrading vBulletin
Please see the appropriate manual sections: Installing vBulletin and Upgrading vBulletin.
Comment