Welcome, Guest. Please Login or Register.
November 24, 2017, 09:02:34 PM
Home Help Search Login Register
News: SMF is the next generation in forum software, almost completely re-written from the ground up, make sure you don't fall for cheap imitations that suffer from feature bloat!

YaBB SE Community  |  YaBB SE Info  |  News From the YaBB SE Team  |  Topic: YaBB SE 1.5.5 Released! « previous next »
Pages: 1 ... 3 4 [5] 6 7 Reply Ignore Print
Author Topic: YaBB SE 1.5.5 Released!  (Read 111797 times)
Peter Duggan
Llama Chameleon
Global Moderator
YaBB God
*****
Posts: 1793


You come and go...


WWW
Re:YaBB SE 1.5.5 Released!
« Reply #60 on: January 20, 2004, 06:06:32 PM »
Reply with quote

You have started YaBB SE and gathered a thousands of people to use this software. Now you want people pay for SMF to be able to download? Wow!

Quote

Elegant. Effective. Powerful. Free. SMF is all of the above.

I don't think it is free.

http://www.simplemachines.org/community/index.php?topic=5134 ::)
Logged

charlottezweb
Sr. Member
****
Posts: 446


charlottezweb.com


WWW
Re:YaBB SE 1.5.5 Released!
« Reply #61 on: January 20, 2004, 06:11:34 PM »
Reply with quote

damn, beat me to it...  

 ;D
Logged

"yabb-sense makes the heart grow fonder"
-----------------------------------------------------
Charlottezweb.com
Reliable, well-supported & affordable hosting and design.  Free Yabbse installs.
wehbee
Noobie
*
Posts: 8


I'm a llama!


Re:YaBB SE 1.5.5 Released!
« Reply #62 on: January 20, 2004, 09:34:26 PM »
Reply with quote

 Hi!

 I am using YaBB SE 1.5.5

 How can i install Turkish Language  ???
Logged
Winters
Jr. Member
**
Posts: 88


I'm a llama!


Re:YaBB SE 1.5.5 Released!
« Reply #63 on: January 21, 2004, 02:50:25 PM »
Reply with quote

Quote
This error is caused by not having Packages and its contents chmod'd to 777.

Thx, the error is gone. I still ended up using boardmod and btw., I didn't lose my mods ;)
Logged
Winters
Jr. Member
**
Posts: 88


I'm a llama!


Re:YaBB SE 1.5.5 Released!
« Reply #64 on: January 22, 2004, 03:09:41 PM »
Reply with quote

wehbee, I just remembered your question when I stumbled across sourgeforce... I may be mistaken, but it looks like there is not Turkish translation available yet:
http://www.yabbse.org/download.php
Logged
Terragen
Noobie
*
Posts: 21


I'm a llama!


Re:YaBB SE 1.5.5 Released!
« Reply #65 on: January 22, 2004, 03:15:50 PM »
Reply with quote

Does this fix the security vulnerability where people can read your cookies (ie: get your password) if you allow users to upload files?
Logged
[Unknown]
Global Moderator
YaBB God
*****
Posts: 7830



WWW
Re:YaBB SE 1.5.5 Released!
« Reply #66 on: January 22, 2004, 03:19:44 PM »
Reply with quote

No, that is fixed by not allowing them to upload PHP, Javascript, or HTML code.

It is also fixed in SMF without this requirement.

-[Unknown]
Logged
Terragen
Noobie
*
Posts: 21


I'm a llama!


Re:YaBB SE 1.5.5 Released!
« Reply #67 on: January 22, 2004, 03:46:40 PM »
Reply with quote

No, that is fixed by not allowing them to upload PHP, Javascript, or HTML code.

It is also fixed in SMF without this requirement.

-[Unknown]

Well you'd have to totally disable the upload feature unless the code is changed to do some type checking.

You can rename a html file .jpg and then do an <img> tag inside. the uploaded jpg (really html) will not display
but if you make another post and link to it then it will open up and you will see the image and not realize its really an html page showing you a jpg while stealing your cookie information. (This might only work on IE though - I haven't really extensively tested it - just know that its a problem).
Logged
[Unknown]
Global Moderator
YaBB God
*****
Posts: 7830



WWW
Re:YaBB SE 1.5.5 Released!
« Reply #68 on: January 22, 2004, 03:51:01 PM »
Reply with quote

There's no real way to fix this except for checking if any file has "<script>" in it and then removing it... which doesn't seem a very simple solution.

SMF, however, fixes it more elegantly.  I recommend you turn off the feature for now, until SMF is released - if you are worried.

-[Unknown]
Logged
Lyne
Noobie
*
Posts: 1


I'm a llama!


Re:YaBB SE 1.5.5 Released!
« Reply #69 on: January 23, 2004, 04:21:17 AM »
Reply with quote

Just to check that I've not been done over in a more fundamental way, this exploit - would it theoretically permit someone to replace the index.php with a link to a brazillian hackers JPEG of a worryingly deformed George Bush? :)

Just wanted to check ;D
Logged
marcnyc
Full Member
***
Posts: 137


I'm a llama!


Re:YaBB SE 1.5.5 Released!
« Reply #70 on: January 23, 2004, 04:20:47 PM »
Reply with quote

This might sound like a stupid question but I am really curious as to how to update from 1.5.4 to 1.5.5. I downloaded the .mod file from sourceforge, how do I use it? I tried downloading BoardMod because I assumed that's what I needed but I get nowhere from there and besides BoardMod says it is only for YaBB SE versions up to 1.5.1. Can somebody clarify?
Logged
Peter Duggan
Llama Chameleon
Global Moderator
YaBB God
*****
Posts: 1793


You come and go...


WWW
Re:YaBB SE 1.5.5 Released!
« Reply #71 on: January 23, 2004, 04:33:51 PM »
Reply with quote

You can apply the patch with the package manager.  Here's how:

First, go into your admin center.  Now click "YaBBpak Center" under "Forum Controls".  Choose "[ Download new YaBBpaks ]".

If you see "yabbse.org Bugs" in the list, click on "[ Browse ]" next to it.  Otherwise, type "yabbse.org Bugs" in for the server name, and "http://www.yabbse.org/packages/bugs" for the URL. (no slash at the end!)  Now, click on "[ Browse ]" next to it

You should see a list of fixes.  Find the section for the version you currently have installed, and pick the mod titled "YaBB SE YOUR VERSION to YaBB SE 1.5.5 Update" and click "[ Download ]".

Now click "[ Back ]" and then "[ Back ]".  Now click "[ Browse YaBBpaks ]".

Find the mod you downloaded in the list. (it might be the only thing in there...)  Click the "[ Apply Mod ]" next to it.

Click "[ Proceed ]".  Then, "[ Test (recommended) ]".

For every file listed in large print, find it in your FTP.  Make sure it is, TEMPORARILY chmod'd to 777.  This makes it so the package manager can update them.  You will also need to make the folders they are in 777 so it can make backups.

If you don't get any "not found" errors, it should install properly.  Click "[ Apply Mod ]".  If you get any errors, you probably forgot to chmod something to 777.

Afterward, you may wish to chmod things back to 755.  You can read my opinion on this subject here:
http://www.simplemachines.org/community/index.php?topic=2987.0

-[Unknown]
Logged

marcnyc
Full Member
***
Posts: 137


I'm a llama!


Re:YaBB SE 1.5.5 Released!
« Reply #72 on: January 23, 2004, 05:37:10 PM »
Reply with quote

Thanks a lot for claryfing... It would have been great if a readme came with the file that you can download from the download page, but anyway, thanks for the instructions... It seems to be extremely easy and well thought out... I can't seem to change my permissions to 777 but I guess that's a host-related thing so I should ask my host... Thanks again.
Logged
marcnyc
Full Member
***
Posts: 137


I'm a llama!


Re:YaBB SE 1.5.5 Released!
« Reply #73 on: January 23, 2004, 06:26:41 PM »
Reply with quote

Ok I resolved the issue with my host and I am not able to change the permissions to 777 but I still get an error from the script:

2: Unable to create 'index.php~': Permission denied


Any suggestions?
Logged
Peter Duggan
Llama Chameleon
Global Moderator
YaBB God
*****
Posts: 1793


You come and go...


WWW
Re:YaBB SE 1.5.5 Released!
« Reply #74 on: January 23, 2004, 08:31:25 PM »
Reply with quote

If you really mean you're 'not able to change the permissions to 777', it's not surprising you're still getting errors. But you should still have the option of downloading the necessary files from your site, making the changes manually (more tedious than difficult!) and uploading them again... :-\
Logged

Pages: 1 ... 3 4 [5] 6 7 Reply Ignore Print 
YaBB SE Community  |  YaBB SE Info  |  News From the YaBB SE Team  |  Topic: YaBB SE 1.5.5 Released! « previous next »
 


Powered by MySQL Powered by PHP YaBB SE Community | Powered by YaBB SE
2001-2003, YaBB SE Dev Team. All Rights Reserved.
SMF 2.0.12 | SMF © 2016, Simple Machines
Valid XHTML 1.0! Valid CSS!
Page created in 0.154 seconds with 19 queries.