Advertisement:
A2Hosting

Author Topic: SMF 2.0.2 and 1.1.16 critical security patches released  (Read 1360333 times)

Offline Masterd

  • SMF Hero
  • ******
  • Posts: 3,770
  • Gender: Male
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #120 on: January 03, 2012, 04:39:45 AM »
Congrats on the hard work, team! :D
My Mods

Sugested that too. Hey ho. I'd link you to the original discussion but it's not visible to most people (seekrit team board stuff that is more dangerous than wikileaks).


Don't PM me for support! Use the appropriate support board!

Offline BigJacko

  • Semi-Newbie
  • *
  • Posts: 33
  • Gender: Male
  • Never underestimate the power of underestimation
    • BigJacko's Web
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #121 on: January 03, 2012, 06:27:15 AM »
I think I've found a problem with one of the files in the 2.0.2 small-update from the downloads area (alas, I'm using Windows IIS6, and thus package manager is seemingly impossible to get working properly, so I have to do manual updates). This one - http://download.simplemachines.org/index.php?thanks;filename=smf_2-0-2_update.zip

Anyway, the errant file in question is:

Themes/default/PersonalMessage.template.php

and the problem seems to be that it is still reporting as Version 2.0, not version 2.0.2

Is this correct?

I noticed that after I did the manual file-copy followed by running the 'upgrade.php' to sort out my MySQL DB - all of which seemed to work ok - I went back to the Administration Center and confirmed that my board had updated. The Admin Center shows '2.0.2' as the headline version, but when doing the 'more detailed' check, I see Default Templates with a red 2.0 next to it, and when I open that up, I see a red 2.0 next to PersonalMessage.template.php.

I confirmed that I had correctly copied the right files over, so I then looked at the individual files within the 2.0.2 small update distribution file and compared PersonalMessage.template.php from the Core and Default themes in a file-comparison utility. They are vastly different (maybe to be expected? I don't know) - but specifically, the Core instance of the file showed Version 2.0.2 while the Default instance showed 2.0

Is this correct? Did someone forget to include the correct Default Theme file in the small manual upgrade zip?

My forum uses the Default Theme, by default (and I have no idea whether that's a clone of the Core theme, or what) - so will I have a problem at some point when members start using the PM system?

Any help gratefully received - if you need further information or testing please ask away! Thanks.

Neil
This area zoned for redevelopment. Apply City Planning Dept. Brown envelopes preferred if bringing bribes.

Offline Illori

  • Doc Coordinator
  • SMF Master
  • *
  • Posts: 33,878
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #122 on: January 03, 2012, 06:52:46 AM »
take a look at http://www.simplemachines.org/community/index.php?topic=463145.0 also this thread is not for support you should open your own thread for issues related to the upgrade.

Offline BigJacko

  • Semi-Newbie
  • *
  • Posts: 33
  • Gender: Male
  • Never underestimate the power of underestimation
    • BigJacko's Web
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #123 on: January 03, 2012, 11:48:47 AM »
Ilori - thanks for the pointer to the other thread. I will continue this discussion there.

However, for the record, I wasn't actually looking for support, and don't consider this a personal support issue. I was merely trying to be helpful, and was reporting an ERROR with the small-update zip's contents (an error which I can see is indeed accepted as such on the other thread).

Thanks anyway.
This area zoned for redevelopment. Apply City Planning Dept. Brown envelopes preferred if bringing bribes.

Offline OlivierShop

  • Semi-Newbie
  • *
  • Posts: 66
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #124 on: January 04, 2012, 06:26:20 AM »
Thanks !

Goog Job  8)
SMF 2.0.2

Offline bassinRN

  • Semi-Newbie
  • *
  • Posts: 33
    • Rod Jockeys Bass Club of Cape Cod
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #125 on: January 04, 2012, 07:03:17 AM »
Hey guys!

Trying to update from 1.1.15 and getting the following message:
The package you are trying to download or install is either corrupt or not compatible with this version of SMF.

Any ideas? :)

Same here...????

Offline mashby

  • Support Specialist
  • SMF Hero
  • *
  • Posts: 7,639
  • Gender: Male
  • Beer me.
    • Choppix
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #126 on: January 04, 2012, 07:51:04 AM »
Hey guys!

Trying to update from 1.1.15 and getting the following message:
The package you are trying to download or install is either corrupt or not compatible with this version of SMF.

Any ideas? :)

Same here...????
http://www.simplemachines.org/community/index.php?topic=463108.msg3234016#msg3234016
Always be a little kinder than necessary.
- James M. Barrie

Offline ShastaSHuskyPup

  • Semi-Newbie
  • *
  • Posts: 31
  • Gender: Male
  • Blue Alaskan Zombie Husky
    • @ShastaSHuskyPup on Twitter
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #127 on: January 05, 2012, 01:25:00 AM »
Thanks for the updates SMF team, will be sure to update once I have everything else set up but thanks again for all your work

~Shasta
|

"Random Fact: I have a mini traffic cone under my desk"

Offline Kokoin

  • Newbie
  • *
  • Posts: 4
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #128 on: January 06, 2012, 05:16:39 PM »
I'm afraid I don't understand that, Kokoin.
Does this help?
http://www.simplemachines.org/community/index.php?topic=463108.msg3234016#msg3234016


ok K@ , your attached file download. I manuel editing;
index.php
sources/packages.php
sources/messagindex.php

Thank you...

Offline Lolafish

  • Jr. Member
  • **
  • Posts: 193
  • Gender: Female
  • Join the Fun - Where Goldies Rule!
    • pages/AquaPuppies-A-Goldfish-Community/17387501597 on Facebook
    • @aquapuppies on Twitter
    • AquaPuppies - A Goldfish Community
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #129 on: January 11, 2012, 02:31:23 PM »
Do these security updates address DDOS attack vulnerability?

AquaPuppies - A Goldfish Community
www.aquapuppies.com

Running SMF 2.0.2 & SimplePortal 2.3.5

Offline Arantor

  • SMF Friend
  • SMF Legend
  • *
  • Posts: 58,417
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #130 on: January 11, 2012, 02:33:06 PM »
Nope. You can't solve a DDOS issue at the application level, if you're being hit by a DDOS, talk to your host.

Offline Lolafish

  • Jr. Member
  • **
  • Posts: 193
  • Gender: Female
  • Join the Fun - Where Goldies Rule!
    • pages/AquaPuppies-A-Goldfish-Community/17387501597 on Facebook
    • @aquapuppies on Twitter
    • AquaPuppies - A Goldfish Community
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #131 on: January 11, 2012, 02:36:27 PM »
Nope. You can't solve a DDOS issue at the application level, if you're being hit by a DDOS, talk to your host.

That's what I thought.  Thanks!

AquaPuppies - A Goldfish Community
www.aquapuppies.com

Running SMF 2.0.2 & SimplePortal 2.3.5

Offline kaoss

  • Semi-Newbie
  • *
  • Posts: 30
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #132 on: January 13, 2012, 03:01:11 PM »
I've used it before, but can't find it now, the step by step instructions on upgrading from an older version? I'm on SMF 2.0 RC4. Thanks!

Offline Kindred

  • Project Manager
  • SMF Master
  • *
  • Posts: 37,562
  • Gender: Male
  • Red Sox WIN!
    • wagner999 on Facebook
    • www.linkedin.com/in/wdwagner/ on LinkedIn
    • @Kindred_999 on Twitter
Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support forums.  Thank you.

Offline ForestEB

  • Newbie
  • *
  • Posts: 1
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #134 on: January 15, 2012, 03:22:57 PM »
Hello, I have some problem.
How to fix this?

Not Acceptable

An appropriate representation of the requested resource /forum/index.php could not be found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at mcekvidetibugs.net Port 80

Offline Arantor

  • SMF Friend
  • SMF Legend
  • *
  • Posts: 58,417
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #135 on: January 15, 2012, 03:23:19 PM »
What exactly were you trying to do when you got that message?

Offline Ieazo

  • Newbie
  • *
  • Posts: 5
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #136 on: January 16, 2012, 03:34:26 PM »
Please help our forum has gone down and I am on-line now trying to fix but I must admit to not really having a clue what is going on, any advice greatfully received. It is throwing the following message no matter what I try, won't let me into admin panel or owt???

"Table './planetai_smf924/smf_log_online' is marked as crashed and should be repaired
File: /home/planetai/public_html/Sources/Subs.php
Line: 2608

Note: It appears that your database may require an upgrade. Your forum's files are currently at version SMF 2.0.2, while your database is at version 2.0.1. The above error might possibly go away if you execute the latest version of upgrade.php."

Apologies if I have posted in the wrong section, I'm a bit new to all of this and slightly panicked.

Offline Illori

  • Doc Coordinator
  • SMF Master
  • *
  • Posts: 33,878
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #137 on: January 16, 2012, 03:35:58 PM »
also dont use this thread for support please open a separate thread in the correct support board for support

Offline vbgamer45

  • SMF Friend
  • SMF Super Hero
  • *
  • Posts: 16,157
    • smfhacks on Facebook
    • @createaforum on Twitter
    • SMF For Free
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #138 on: January 16, 2012, 03:36:20 PM »
Login to your control panel and phpmyadmin and run this command on your database
Code: [Select]
REPAIR TABLE smf_log_online;
Community Suite - Take your forum to the next level built for SMF, Gallery,Store,Classfieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Latest Mod:
EzPortal - Portal System for SMF
Newsletter Pro SMF Gallery Pro SMF Classifieds SMF Store

Offline Ieazo

  • Newbie
  • *
  • Posts: 5
Re: SMF 2.0.2 and 1.1.16 critical security patches released
« Reply #139 on: January 16, 2012, 03:44:32 PM »
also dont use this thread for support please open a separate thread in the correct support board for support

My apologies, I panicked.