VBsupport перешел с домена .ORG на родной .RU
Ура!
Пожалуйста, обновите свои закладки - VBsupport.ru
Блок РКН снят, форум доступен на всей территории России, включая новые терртории, без VPN
На форуме введена премодерация ВСЕХ новых пользователей
Почта с временных сервисов, типа mailinator.com, gawab.com и/или прочих, которые предоставляют временный почтовый ящик без регистрации и/или почтовый ящик для рассылки спама, отслеживается и блокируется, а так же заносится в спам-блок форума, аккаунты удаляются
Если вы хотите приобрести какой то скрипт/продукт/хак из каталогов перечисленных ниже: Каталог модулей/хаков
Ещё раз обращаем Ваше внимание: всё, что Вы скачиваете и устанавливаете на свой форум, Вы устанавливаете исключительно на свой страх и риск.
Сообщество vBSupport'а физически не в состоянии проверять все стили, хаки и нули, выкладываемые пользователями.
Помните: безопасность Вашего проекта - Ваша забота. Убедительная просьба: при обнаружении уязвимостей или сомнительных кодов обязательно отписывайтесь в теме хака/стиля
Спасибо за понимание
The original purpose of this release was to provide a regular, scheduled bug-fix / service release for the new 3.5.x series, but newly discovered flaws in Internet Explorer and PHP have necessitated a security release for all three vBulletin branches.
The first flaw is in Microsoft Internet Explorer. It affects vBulletin image uploads and potentially opens a cross-site-scripting exploit. It has affected many web-based applications that allow image uploads, including phpBB and Hotmail. Although a fix from Microsoft would be preferable, we have implemented a work-around in all three branches of vBulletin to prevent the Internet Explorer flaw from being exploited.
The second flaw is in PHP and may allow the entry of unsanitized data into several areas in vBulletin. This may create security holes that are not directly caused by vBulletin, simply exploited through vBulletin as it uses affected PHP code. PHP 4.4.1 has been released to address this issue (no updated PHP5 is available yet). If you are running PHP 4, it is strongly recommended that you update your PHP installation to 4.4.1!
I'd just like to reiterate that neither of these flaws are directly related to vBulletin. Rather, they are flaws in software that ties into vBulletin. We are simply creating workarounds for these issues to prevent them from being exploited.
Patch files for vBulletin 3.5.x, 3.0.x and 2.3.x are attached to this thread, though we would recommend that you fully upgrade your board rather than simply patch it wherever possible. The zip files contain partial directory structures of the upload/ folder that would normally be found in the package you downloaded from the members' area. You should simply download the correct file for your board and extract it. Connect to your server via FTP and upload the contents of the zip file to your main board directory. This should overwrite files already on your server -- if it does not, then your board will not be patched!
All customers should upgrade or patch their boards as soon as possible.
3.5.1 Changes of Note
New AJAX disable option
This allows the administrator to enable AJAX, disable AJAX or disable just those AJAX features which can be troublesome due to character set issues.
IconV use where available
If IconV is installed on your server (which we strongly recommend) vBulletin will now use its character set conversion abilities rather than relying on its own for AJAX-submitted data. This is of especial interest to boards running with non-latin characters such as Chinese, Arabic etc.
Option to switch email banning system back to 3.0.x settings
An option now exists to change the new email banning system's behavior back to the more aggressive method employed by vBulletin 3.0.x. This means that banned words / letters etc. will be matched anywhere within the email address, rather than matching from the end of the address towards the start.
This means that you can specify '@example.' to ban both example.com and example.co.uk, whereas with the 3.5.x system you would have to expressly ban both.
Product install code execution order changed
Install code specified in a product XML file is now executed before the product record is inserted into the database. This allows far more flexibility to the code to be run when installing a product.
Increased Compatibility with MySQL 5
MySQL 5 has now been declared stable and is therefore supported by vBulletin. With 3.5.1 previous compatibility issues with MySQL 5 have been addressed, allowing vBulletin to run without errors. However, it should be noted that vBulletin is not yet compatible with MySQL 5 running in Strict Mode, and this should be disabled in the MySQL configuration or using the new option in config.php.
by adding this patch, the board will automatically be 3.5.1?
@TCattitude
Простоузер
Join Date: Aug 2005
Posts: 6
Reputation:
Novice 2
Репутация в разделе: 2
0
Quote:
Originally Posted by bass.exe21
by adding this patch, the board will automatically be 3.5.1?
No.
Only the mayor security fixes will be patched... but still be 3.5.0.
Until you get/upgrade to 3.5.1... is recommended to patch your forum with this files.
@bitbob
Простоузер
Join Date: Sep 2005
Posts: 34
Reputation:
Novice 2
Репутация в разделе: 2
0
does anyone have Nulled version of Vbulletin 3.5.1?
@BlueEyesOnly
Простоузер
Join Date: Jul 2005
Posts: 104
Reputation:
Novice 8
Репутация в разделе: 8
0
i think SCRiPTMAFiA will release their nulled versions very soon. stay tuned ;)
@bitbob
Простоузер
Join Date: Sep 2005
Posts: 34
Reputation:
Novice 2
Репутация в разделе: 2
0
Quote:
Originally Posted by BlueEyesOnly
i think SCRiPTMAFiA will release their nulled versions very soon. stay tuned ;)
vBulletin 3.5.1/3.10/2.3.8 Patches Released
