Announcement

Collapse
No announcement yet.

Active license required for security fix files for "CSRF attacks via the Moderator Control Panel"?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Kat
    replied
    I need to tag onto this post also. I do not seem to have access to this latest patch. I have been running 4.0.7 Patch Level 7 for a long time and that is the only thing I have access to. Any help much appreciated.

    Leave a comment:


  • kcsr
    replied
    Thanks for the help, Mark, Wayne, and Paul. Got it sorted out.

    edit: Upgrade completed successfully. Thanks for the security fix!
    Last edited by kcsr; Wed 14th Jan '15, 12:26am.

    Leave a comment:


  • Paul M
    replied
    Originally posted by wacnstac View Post
    Sorry to tag along on this thread, but can we copy one set of patched files to multiple installations or will the license number embedded in the header mess us up? We have 50+ installs to patch this morning.
    Are you just talking about the latest modcp patch ?

    The licence number in the header of the file wont have any effect, its just a comment.

    Leave a comment:


  • Wayne Luke
    replied
    Originally posted by kcsr View Post
    Thanks for the quick reply, Mark.B. I get the following error when trying to login: Invalid login or password.
    You should use the links on the page to recover your password. If that doesn't work then email [email protected].

    Leave a comment:


  • kcsr
    replied
    Thanks for the quick reply, Mark.B. I get the following error when trying to login: Invalid login or password.

    Leave a comment:


  • Mark.B
    replied
    You should use the correct files for the correct installation, otherwise you will run into difficulties.

    Leave a comment:


  • wacnstac
    replied
    Sorry to tag along on this thread, but can we copy one set of patched files to multiple installations or will the license number embedded in the header mess us up? We have 50+ installs to patch this morning.

    Leave a comment:


  • Mark.B
    replied
    Your license is a vB4 license so you should have access to this.

    Leave a comment:


  • Active license required for security fix files for "CSRF attacks via the Moderator Control Panel"?

    Hello,
    Are fix files available for the recently disclosed "CSRF attacks via the Moderator Control Panel" vulnerability?
    I didn't renew my license because I have no interest in vB4 or vB5. Consequently, I don't have access to the member downloads section of the site. For the last security issue, vB provided fix files so we could manually apply fixes.
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X