Downloads

Download phpBB 2.0.17

By admin
Spread the love

The phpBB program is a forum package with a user-friendly interface and a number of management functions. The package is developed in PHP language and supports MySQL, MS-SQL, PostgreSQL and Access/ODBC databases for storing the data. The phpBB Group has released version 2.0.17 with the following announcement:

Hi everyone,

phpBB Group announces the release of phpBB 2.0.17, the “no, we did not forget naming it last time” release. This release addresses several bugfixes and some low security issues as well as the recently seemingly wide-spread XSS issue (only affecting Internet Explorer).

Please have a look down this announcement for the code changes necessary to fix the XSS issue, we are again astounded about the energy people put into finding the smallest issue in phpBB 2.0.x, those must have a lot of time available. But on the other hand it is always increasing the products security since we do not introduce new features into the 2.0.x codebase.

With this announcement I want to give you some more information regarding phpBB’s security. psoTFX (Paul S. Owen, Project Manager) initiated and brought forward the idea and concept of a complete security audit of the 2.0.x codebase. We introduced some top-notch security people, phpBB-Modders and very talented people from our teams to participate in this audit. We intend to implement the changes necessary – and also fixing the found issues, hopefully giving the now very aged codebase (it is still on a technical level from three years ago) a lift and bringing it up-to-date with security mechanisms and techniques which are common nowadays.

We also intend to open our private bugtracker system to the public for reporting 2.0.x bugs within the next days.

What has changed in this release?

  • Added extra checks to the deletion code in privmsg.php – reported by party_fan
  • Fixed XSS issue in IE using the url BBCode
  • Fixed admin activation so that you must have administrator rights to activate accounts in this mode – reported by ieure
  • Fixed get_username returning wrong row for usernames beginning with numerics – reported by Ptirhiik
  • Pass username through phpbb_clean_username within validate_username function – AnthraX101
  • Fixed PHP error in message_die function
  • Fixed incorrect generation of {postrow.SEARCH_IMG} tag in viewtopic.php – reported by Double_J
  • Also fixed above issue in usercp_viewprofile.php
  • Fixed incorrect setting of user_level on pending members if a group is granted moderator rights – reported by halochat
  • Fixed ordering of forums on admin_ug_auth.php to be consistent with other pages
  • Correctly set username on posts when deleting a user from the admin panel

[break]The following three downloads are ready:
phpBB 2.0.17 – Full Package
phpBB 2.0.17 – Changed Files Only
phpBB 2.0.17 – Patch File Only

Version number 2.0.17
Website phpBB
Download
License type GPL
You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Logitech acquires stream controller maker Loupedeck

News

Anticheat FaceIT gets Linux version, enables Steam Deck support

News

Rumor: EU starts investigation into Microsoft for including Teams with Office