News:

Want to get involved in developing SMF, then why not lend a hand on our github!

Main Menu

SMF 1.0.5 released

Started by Compuart, June 20, 2005, 12:48:40 PM

Previous topic - Next topic

Compuart

Simple Machines is happy to release a new update to Simple Machines Forum 1.0. This release addresses a security issue in the most recent version of SMF.

As this is a critical release, you can easily upgrade by one of the following ways:
  • Use the package manager in your administration center - one click, and you're done.
  • Download the update archive file, and upload all of the files from it.
  • Download the modification file, attached to this message, and modify the files manually according to it.

    This will most likely be the last release of the 1.0 line before we release SMF 1.1 Beta 3 Public. We do nevertheless encourage you to upgrade to 1.0.5 immediately, even if you mean to update to 1.1 Beta 3 Public when it is available.
Hendrik Jan Visser
Former Lead Developer & Co-founder www.simplemachines.org
Personal Signature:
Realitynet.nl -> ExpeditieRobinson.net / PekingExpress.org / WieIsDeMol.Com

Grek.Kamchatka


1MileCrash

The only thing php can't do is tell you how much milk is left in the fridge.



1MileCrash

wow. Updated already. That was even easier than the last.
The only thing php can't do is tell you how much milk is left in the fridge.



codenaught

Yah, another release.  :)

Updated in a few seconds with the package manager.  :P
Dev Consultant
Former SMF Doc Coordinator

ECCShaman09

Take this upgrade seriously. I am using 1.0.4 and the security of the program was breached twice, messing up the board twice.

Thanks very much to the SMF team for addressing this serious problem. It's good to have a team that listens.

forumite

During my install of the patch, the Package Manager reported a failure with Search.php. Am I able to extract from a full 1.0.5 download and copy it to the Sources directory, overwriting the old file?

TIA

Owdy

#7
Use upgrade package. Unpack, upload, run upgrade.php. You must install mods again after that. If you dont have any mods and you are using 1.0.4, then you can use update package.
Former Lead Support Specialist

Tarvitsetko apua SMF foorumisi kanssa? Otan työtehtäviä vastaan, lue:http://www.simplemachines.org/community/index.php?topic=375918.0

forumite

OK thanks for prompt response Owdy.

Grek.Kamchatka

The upgrader found some old or outdated files.

Please make certain you uploaded the new versions of all the files included in the package

What is this? I'm extract all the new files from archive to my smf directory and do upgrade.php =(

dtm.exe

Great job, dev team :).

-Dan The Man

[Unknown]

Quote from: ECCShaman09 on June 22, 2005, 11:21:10 PM
Take this upgrade seriously. I am using 1.0.4 and the security of the program was breached twice, messing up the board twice.

Thanks very much to the SMF team for addressing this serious problem. It's good to have a team that listens.

As I said before, this has nothing to do with SMF and instead indicates a problem in your server's configuration or in some other software you have installed.  While there was a security problem found, it COULD NOT have been used to give you the problems you experienced.

I strongly suggest you look into making sure your server is set up properly, using open_basedir and similar, and you have the latest versions of all other software installed, including PHP, Apache, MySQL, and mail server you might have, and other software.

-[Unknown]

ECCShaman09

Quote from: [Unknown] on June 22, 2005, 11:31:50 PM
Quote from: ECCShaman09 on June 22, 2005, 11:21:10 PM
Take this upgrade seriously. I am using 1.0.4 and the security of the program was breached twice, messing up the board twice.

Thanks very much to the SMF team for addressing this serious problem. It's good to have a team that listens.

As I said before, this has nothing to do with SMF and instead indicates a problem in your server's configuration or in some other software you have installed.  While there was a security problem found, it COULD NOT have been used to give you the problems you experienced.

I strongly suggest you look into making sure your server is set up properly, using open_basedir and similar, and you have the latest versions of all other software installed, including PHP, Apache, MySQL, and mail server you might have, and other software.

-[Unknown]

I am with one of the BIG server companies, not one of the fly by night services, and they have informed me that the server is patched and upgraded to current software versions. They are currently looking into the problem, from an inside and outside basis. I'll fill in the blanks as I learn more, no matter what direction it goes.

wildcard

#13
Weird.  1.0.5 isn't showing up in my Package Manager.

And I get this message when I click on the "update your forum" link on the main Admin page.

"The package you are trying to download or install is either corrupt or not compatible with this version of SMF."

Any ideas?

Edit:  Nevermind.  I got it working fine through the "upload package" option.

catfished

#14
Quote from: wildcard on June 23, 2005, 12:08:44 AM
Weird.  1.0.5 isn't showing up in my Package Manager.

And I get this message when I click on the "update your forum" link on the main Admin page.

"The package you are trying to download or install is either corrupt or not compatible with this version of SMF."

Any ideas?

I had the same problem clicking on the "update your forum link" but if you click on the "Package Manager" and then click on the link where it says "A security issue has been identified in SMF 1.0.4. You can install this patch (click here to install) to easily update yourself to the latest version" it works fine. I just updated 4 forums in 2 minutes.
You use and like this forum software? Then show your appreciation and support by becoming a Charter Member.



CatfishEd.com

dtm.exe

I get this error when I try to upgrade.

QuoteThe upgrader found some old or outdated files.

Please make certain you uploaded the new versions of all the files included in the package.

Click here to try again.

-Dan The Man

XBleed

Quote from: OIDanTheManIO on June 23, 2005, 12:35:34 AM
I get this error when I try to upgrade.

QuoteThe upgrader found some old or outdated files.

Please make certain you uploaded the new versions of all the files included in the package.

Click here to try again.

-Dan The Man

So do I...

It looks like the problem is when it checks the current SMF version.  I uploaded the files, attempted to run upgrade.php, and got that error.  My board still runs fine, and the copyright does say, "1.0.5"

Did it still upgrade, or is that the reason the error is showing up in the first place?

[Unknown]

There's no need to run upgrade.php for this release.

-[Unknown]

dtm.exe

Quote from: [Unknown] on June 23, 2005, 12:49:15 AM
There's no need to run upgrade.php for this release.

-[Unknown]

Oh, so can upgrade.php be removed from the archive altogether, so as to not confuse people, or is it needed for upgrades before SMF 1.0.4?

-Dan The Man

XBleed

Quote from: [Unknown] on June 23, 2005, 12:49:15 AM
There's no need to run upgrade.php for this release.

-[Unknown]
Good to know.

Thanks for the update, SMF.

Advertisement: