vBulletin 3.0.15 Released

admin
  • vBulletin 3.0.15

    Due to the discovery of an XSS flaw by imei addmimistrator (http://myimei.com/security/) and a further discovery of a potential XSS flaw internally, we are making vBulletin 3.0.15 available as a security release.

    While we recommend that customers perform a full upgrade to the latest version of vBulletin, which is now 3.6.0, we understand that some customers would prefer to stick with what they have and either upgrade to the newest 3.0.x release or patch their existing version.

    Full Upgrade

    The best way to fix the problem is to perform a full upgrade, downloading the complete 3.0.15 package from the vBulletin Members' Area (http://members.vbulletin.com/) and following the regular upgrade instructions (http://www.vbulletin.com/docs/html/upgrade?manualversion=30502500).

    Patch File

    Patches are now available in the members' area. You may view available patches here (http://members.vbulletin.com/patches.php). Alternatively, you may use the zip attached to this post to apply the patch. Both methods are equivalent.

    Go to the page mentioned above and download the "Security patch for 3.0.14" or download the zip at the end of this post. Extract the zip archive, then connect to your web server using FTP and overwrite the following files using the replacement versions from the zip.

    includes/functions.php
    admincp/global.php
    modcp/global.phpNotes:

    You do not need to download this patch if you perform a full upgrade to 3.0.15, 3.5.5 or 3.6.0.
    If you only apply a patch, your version number will not change. Your version number will only be updated if you perform a full upgrade.To repeat, go here to download the "Security patch for 3.0.14" (http://members.vbulletin.com/patches.php)


  • You can discuss this release here:

    http://www.vbulletin.com/forum/showthread.php?t=194087


  • Files Changed Sine 3.0.14


    /

    showthread.php

    admincp/

    global.php
    index.php

    includes/

    adminfunctions.php
    functions.php
    init.php
    vbulletin_credits.php

    install/ - assume all files changed
    modcp/

    global.php



    Templates Changed Since 3.0.14
    None


  • If you downloaded vBulletin 3.0.15 prior to the date of this post, please download the attached file (attachment.php) and upload it to your webserver, overwriting the exiting attachment.php.

    This will fix a security hole discovered in Internet Explorer that affects vBulletin.

    Please use this file only to patch vBulletin 3.0.15. Patches for the three other versions released today are attached to their respective announcement threads.

    Downloads made after the time of this post have been fixed in the Members' Area and are not vulnerable.







    • #If you have any other info about this subject , Please add it free.#
    Your name:
    E-mail:
    Telphone:

    Your comments:


    If you have any other info about vBulletin 3.0.15 Released , Please add it free.


    • edit
    [SOLVED] Problem with CardLayout and FormPanel
    Paging & Proxy