FluxBB ist ein Open-Source-Forum-Anwendung. Von PunBB 2008 Gespaltene ist FluxBB ein beliebtes Forum leichte Anwendung, die Stromversorgung Foren für Arch Linux und μTorrent.
Speichern und wiederherstellen
29 März 2019 - 3MB
- Increase minimum password length
- Prohibit links in topic subjects (based on existing anti-spam permission)
- Allow longer SMTP passwords
- Return correct HTTP status code on error and maintenance pages (to prevent search engines from indexing)
- Prevent duplicate bans
- User profiles: Use user's date/time formats, not the viewer's
- Improve error message for very short searches
- Proper CSRF protection for rebuilding the search index, logging in and promoting users
- Stop using insecure random number generator on certain PHP versions
- Fix insufficient escaping of HTML output in installer and error pages
Lesen Sie mehr: http://fluxbb.org/forums/viewtopic.php?id=9472
21 Juni 2016 - 3MBThis release fixes a security vulnerability as well as several bugs, and also contains several small improvements.
In addition, this release contains some minor improvements in the area of CSS and usability, and fixes several smaller bugs.
- bug #792: Profile and signature img
- bug #1012: Incorrect coding login.php
- bug #1017: fix CSS
- bug #1056: Invalidate only feed caches
- bug #1058: hash_equals(): Expected known_string to be a string, null given
- bug #1059: No csrf_token in unsubscibe link of subscription email
- bug #1062: Edit.php and checkboxes
- bug #1068: Wrong description for BBCode
- bug #1072: The DB class for SQLite doesn't maintain string values by default?
- bug #1075: Empty PHP_SELF somewhere
- bug #1078: InnoDB check failed
- bug #1082: Custom title overrides "Banned"
- enhancement #1019: Refactor/move forum_list_plugins to common_admin.php
- enhancement #1025: Display error message inline with login form
- enhancement #1027: Change htmlspecialchars to pun_htmlspecialchars
- enhancement #1064: error() function, PUN_DEBUG and security
- enhancement #1066: For long nicknames
Lesen Sie mehr: http://fluxbb.org/forums/viewtopic.php?id=8856
10 November 2015 - 3MBThis release fixes two security issues: The first one allowed attackers to trick moderators into e.g. locking or stickying other topics without noticing. The second change prevents sophisticated timing attacks targeted at e.g. password hashes.
Other changes in this release include several fixes of regressions introduced in the last release, fixes related to the handling of several esoteric HTTP headers, and a fix for a quote bug that broke the forum layout. Finally, if you want to embed your forum in another web page, the relevant HTTP header is now configurable.
Lesen Sie mehr: http://fluxbb.org/forums/viewtopic.php?id=8203
24 Januar 2015 - 3MBThis release fixes a minor security issue in install.php. The installer could be tricked into loading and executing any file named install.php. Abuse of this vulnerability could have only been possible in combination with other security issues that would have allowed an attacker to create files with that name.
As a special present, in this release we made it super-easy to install anti-spam modifications by providing a few hooks where these modifications can hook into. All you will need to do to install this new generation of anti-spam tools is to copy one or two files into certain folders of your FluxBB installation. We hope this change encourages the community to create a broad range of more diverse antispam tools, so that spammers will hit unpredictable obstacles when targetting FluxBB. As an example, I have created a modification that adds Google's new reCAPTCHA system to your registration page. Expect more documentation in the next days.
This release also brings some security hardening, fine-tuning, several small features and usability improvements to your forum.
- Clickjacking attacks should now be prevented by modern browsers
- Direct links to certain actions from notification emails
- Quickly promote users to the next group
- New moderator permission for promoting users
- Streamlined forum creation process
- Improved default styles and dropped support for Internet Explorer 6
- bug #925: Scrollbar in chrome fluxbb1.5.5
- bug #949: Use \r\n for SMTP, FORUM_EOL for others
- bug #951: [url][img] patch doesn't work.
- bug #963: Add rel="prev", rel="next" and rel="canonical"
- bug #969: New TLDs not allowed as valid URLs
- bug #996: Prevent clickjacking attacks
- bug #998: Bug in validate_redirect() function
- bug #1001: Remove setting of values in quickpostform
- bug #1006: [HTB23246] File Inclusion in install.php
- enhancement #57: Making a new forum is a 2 step process
- enhancement #810: Improve unread forums tracking
- enhancement #935: Auto-promotion improvements
- enhancement #936: Add new group permission to allow moderators to promote users
- enhancement #941: Remove obsolete global variables
- enhancement #944: Remove "page 1" when thread or forum has just one page
- enhancement #947: Improve Air/Earth/Fire design
- enhancement #948: Require passwords with at least 6 characters
- enhancement #959: Quick actions from registration email
- enhancement #965: Avoid double redirect when no new posts are found
- enhancement #976: [PATCH] Invalidate updated cache files from PHP's Opcache
- enhancement #992: Drop IE6 support
- enhancement #997: Make random passwords longer
- enhancement #1007: Antispam hooks
- enhancement #1008: Please delete your install.php file
- task #942: Remove obsolete language strings
- task #966: Optimize images in FluxBB core
Lesen Sie mehr: http://fluxbb.org/forums/viewtopic.php?id=8203
Zeige mehr Versionen
20 Oktober 2014 - 3MBThis release fixes a critical security vulnerability that could potentially allow clever attackers to take over other user accounts on a FluxBB forum. We also fixed another less severe issue related to redirects in login.php.
- bug #961: Open Redirection Vulnerability
- bug #990: SQL injection in profile.php
Lesen Sie mehr: http://fluxbb.org/forums/viewtopic.php?id=8001
8 Januar 2014 - 3MB
- bug #923: Redeclared method error when changing usernames
- bug #940: Cross-site request forgery issues with FluxBB
- enhancement #913: Adding subject if someone hits the preview button
- enhancement #927: Split thread function is... "splitted"
- enhancement #929: Textarea resize
- enhancement #930: Allow non array page titles
- enhancement #934: HTML5 validation
Lesen Sie mehr: http://fluxbb.org/forums/viewtopic.php?id=7513
18 November 2013 - 3MB
- bug #884: No horizontal scrollbar in [code]
- bug #887: URLs with user/forum/topic/post ID are broken
- bug #888: Notices in FluxBB 1.5.4
- bug #895: random_pass() might generate URL-unfriendly passwords
- bug #896: No permission without 403
- bug #897: "\r\n" breaks headers in email in certain conditions
- bug #903: UTF8 related fixes
- bug #904: Charset conversion in db_update.php doesn't work
- bug #905: Merging topics hangs when users are subscribed
- bug #911: Triple border in IE11
- enhancement #889: Excess array cell of $lang_install
- enhancement #891: Remove unused line of code in generate_quickjump_cache
- enhancement #902: Miscellaneous
- enhancement #908: Regenerate the users info cache in register.php
- enhancement #919: $page_title in admin_loader.php
- enhancement #921: Disable admin_forums.php form when no categories exist
- enhancement #922: Function do_smilies() and $pun_config
Lesen Sie mehr: http://fluxbb.org/forums/viewtopic.php?id=7405
14 August 2013 - 3MBThese releases fix another security issue that allowed attackers to redirect forum users from the attacker's site to any URL on the internet via FluxBB's email contact form. This is a problem as the users might be redirected to a dangerous or inappropriate webpage, even though they assume to visit a trusted site (the forum). Unfortunately, we were not contacted before the vulnerability was published; I still want to thank the Zero Science Lab for the helpful communication after the issue was brought to our attention.
FluxBB 1.5.4 also brings along fixes for a bunch of smaller issues in the 1.5 branch.
Lesen Sie mehr: http://fluxbb.org/forums/viewtopic.php?id=7217
22 Februar 2013 - 3MBThis release fixes a security issue that could allow skilled attackers to guess one of the random tokens that are sent out via email when users have forgotten their passwords.
Lesen Sie mehr: http://fluxbb.org/forums/viewtopic.php?id=6916
4 Februar 2013 - 3MB
Unsere Webhostings sind kompatibel mit
100 GB und mehr
Erweiterte Verwaltung von EV- und DV-SSL-Zertifikaten
10 GB VOD
2 CPU und mehr
6 GB RAM und mehr
100% dedizierte Ressourcen
Infomaniak verwaltet Ihren Server
ab CHF 39.00 / Monat
Preise in CHF