admin
02-20-2005, 03:48 PM
JELSOFT SECURITY BULLETIN
http://www.vbulletin.com/
February 20th, 2005
JELSOFT SECURITY BULLETIN
http://www.vbulletin.com/
February 19th, 2005
This email contains important security-related information.
Please read it carefully.
* vBulletin 3.0.7 Released
* Security Reminder
* Your License Information
* Contact Us
---------------- VBULLETIN 3.0.7 RELEASED ----------------
The discovery of a potentially serious security hole has
necessitated the release of vBulletin 3.0.7. All customers
are strongly encouraged to take one of the actions
described in this email.
All versions of vBulletin 3 up to and including 3.0.6 are
affected only if you have enabled the "Add Template Name
in HTML Comments" option (Admin Control Panel -> vBulletin
Options -> General Settings). We hope most of you will not
have had this option enabled anyway, as it is mostly for
debugging and creates unessary bandwidth usage on a
production site.
To fix the issue, you should choose one of these options:
1. Disable the "Add Template Name in HTML Comments" option
on your board.
2. Download this zip file:
http://www.vbulletin.com/members/getfile.php/patch_307.zip
Follow the instructions within to patch your vBulletin.
3. Upgrade to 3.0.7. Please see the link below for more
information on this release.
We recommend options 2 or 3, if possible.
For more information on this release, including upgrade
instructions and information on bugs fixed, please see
this thread:
http://www.vbulletin.com/forum/showthread.php?t=130591
-------------------- SECURITY REMINDER -------------------
We would like to take this time to reiterate the importance
of keeping current with security updates. If you are not
currently running a version with the recent patches built
in or have not manually patched your board, please see the
3.0.5 and 3.0.6 announcements for important patches.
- vBulletin 3.0.5 Announcement:
http://www.vbulletin.com/forum/showthread.php?t=125480
- vBulletin 3.0.6 Announcement:
http://www.vbulletin.com/forum/showthread.php?t=127027
Recently, more issues have been discovered than we would
have liked, but we try to make patching as painless as
possible to ease the burden these issues create. We are
looking into ways to make patch delivery even easier for
future versions.
-------------------- CONTACT US --------------------------
Please do not respond to this email directly. We will not
receive your response. Please use the links below.
Got a vBulletin technical query? Contact support:
http://www.vbulletin.com/support/
For all other queries, please visit this page:
http://www.vbulletin.com/contact.php
----------------------------------------------------------
Copyright (c) 2000-2005, Jelsoft Enterprises Limited
http://www.vbulletin.com/
February 20th, 2005
JELSOFT SECURITY BULLETIN
http://www.vbulletin.com/
February 19th, 2005
This email contains important security-related information.
Please read it carefully.
* vBulletin 3.0.7 Released
* Security Reminder
* Your License Information
* Contact Us
---------------- VBULLETIN 3.0.7 RELEASED ----------------
The discovery of a potentially serious security hole has
necessitated the release of vBulletin 3.0.7. All customers
are strongly encouraged to take one of the actions
described in this email.
All versions of vBulletin 3 up to and including 3.0.6 are
affected only if you have enabled the "Add Template Name
in HTML Comments" option (Admin Control Panel -> vBulletin
Options -> General Settings). We hope most of you will not
have had this option enabled anyway, as it is mostly for
debugging and creates unessary bandwidth usage on a
production site.
To fix the issue, you should choose one of these options:
1. Disable the "Add Template Name in HTML Comments" option
on your board.
2. Download this zip file:
http://www.vbulletin.com/members/getfile.php/patch_307.zip
Follow the instructions within to patch your vBulletin.
3. Upgrade to 3.0.7. Please see the link below for more
information on this release.
We recommend options 2 or 3, if possible.
For more information on this release, including upgrade
instructions and information on bugs fixed, please see
this thread:
http://www.vbulletin.com/forum/showthread.php?t=130591
-------------------- SECURITY REMINDER -------------------
We would like to take this time to reiterate the importance
of keeping current with security updates. If you are not
currently running a version with the recent patches built
in or have not manually patched your board, please see the
3.0.5 and 3.0.6 announcements for important patches.
- vBulletin 3.0.5 Announcement:
http://www.vbulletin.com/forum/showthread.php?t=125480
- vBulletin 3.0.6 Announcement:
http://www.vbulletin.com/forum/showthread.php?t=127027
Recently, more issues have been discovered than we would
have liked, but we try to make patching as painless as
possible to ease the burden these issues create. We are
looking into ways to make patch delivery even easier for
future versions.
-------------------- CONTACT US --------------------------
Please do not respond to this email directly. We will not
receive your response. Please use the links below.
Got a vBulletin technical query? Contact support:
http://www.vbulletin.com/support/
For all other queries, please visit this page:
http://www.vbulletin.com/contact.php
----------------------------------------------------------
Copyright (c) 2000-2005, Jelsoft Enterprises Limited