|
This release is a cumulative bug fix update, as well as including a number of minor security fixes.
# [Fix] Prevent login attempts from incrementing for inactive users
# [Fix] Do not check maximum login attempts on re-authentication to the admin panel - tomknight
# [Fix] Regenerate session keys on password change
# [Fix] retrieving category rows in index.php (Bug #90)
# [Fix] improved index performance by determining the permissions before iterating through all forums (Bug #91)
# [Fix] Better handling of short usernames within the search (bug #105)
# [Fix] Send a no-cache header on admin pages as well as normal board pages (Bug #149)
# [Fix] Apply word censors to the message when quoting it (Bug #405)
# [Fix] Improved performance of query in admin_groups (Bug #753)
# [Fix] Workaround for an issue in either PHP or MSSQL resulting in a space being returned instead of an empty string (bug #830)
# [Fix] Correct use of default_style config value (Bug #861)
# [Fix] Replace unneeded unset calls in admin_db_utilities.php - vanderaj
# [Fix] Improved error handling in modcp.php
# [Fix] Improved handling of forums to which the user does not have any explicit permissions - vanderaj
# [Fix] Assorted fixes and cleanup of admin_ranks.php, now requires confirmation of deletions
# [Fix] Assorted fixes and cleanup of admin_words.php, now requires confirmation of deletions
# [Fix] Addition and editing of smilies can no longer be performed via GET, now requires confirmation of deletions
# [Fix] Escape group names in admin_groups.php
# [Sec] Replace strip_tags with htmlspecialchars in private message subject
# [Sec] Some changes to HTML handling if enabled
# [Sec] Escape any special characters in reverse dns - Anthrax101
# [Sec] Typecast poll id values - Anthrax101
# [Sec] Added configurable search flood control to reduce the effect of DoS style attacks
# [Sec] Changed the way we create "random" values for use as keys - chinchilla/Anthrax101
# [Sec] Enabled Visual Confirmation by default
# [Change] Changed handling of the case where a selected style doesn't exist in the database
# [Change] Changed handling of topic pruning to improve performance
# [Change] Changed default forum permissions to only allow registered users to post in new forums
This release is a cumulative bug fix update, as well as including a number of minor security fixes.
# [Fix] Prevent login attempts from incrementing for inactive users
# [Fix] Do not check maximum login attempts on re-authentication to the admin panel - tomknight
# [Fix] Regenerate session keys on password change
# [Fix] retrieving category rows in index.php (Bug #90)
# [Fix] improved index performance by determining the permissions before iterating through all forums (Bug #91)
# [Fix] Better handling of short usernames within the search (bug #105)
# [Fix] Send a no-cache header on admin pages as well as normal board pages (Bug #149)
# [Fix] Apply word censors to the message when quoting it (Bug #405)
# [Fix] Improved performance of query in admin_groups (Bug #753)
# [Fix] Workaround for an issue in either PHP or MSSQL resulting in a space being returned instead of an empty string (bug #830)
# [Fix] Correct use of default_style config value (Bug #861)
# [Fix] Replace unneeded unset calls in admin_db_utilities.php - vanderaj
# [Fix] Improved error handling in modcp.php
# [Fix] Improved handling of forums to which the user does not have any explicit permissions - vanderaj
# [Fix] Assorted fixes and cleanup of admin_ranks.php, now requires confirmation of deletions
# [Fix] Assorted fixes and cleanup of admin_words.php, now requires confirmation of deletions
# [Fix] Addition and editing of smilies can no longer be performed via GET, now requires confirmation of deletions
# [Fix] Escape group names in admin_groups.php
# [Sec] Replace strip_tags with htmlspecialchars in private message subject
# [Sec] Some changes to HTML handling if enabled
# [Sec] Escape any special characters in reverse dns - Anthrax101
# [Sec] Typecast poll id values - Anthrax101
# [Sec] Added configurable search flood control to reduce the effect of DoS style attacks
# [Sec] Changed the way we create "random" values for use as keys - chinchilla/Anthrax101
# [Sec] Enabled Visual Confirmation by default
# [Change] Changed handling of the case where a selected style doesn't exist in the database
# [Change] Changed handling of topic pruning to improve performance
# [Change] Changed default forum permissions to only allow registered users to post in new forums
|
