MyBB Development Blog

Welcome to the MyBB Development Blog. Here you'll find updates relating to the development of future versions of MyBB as well as technical discussions, tips, tricks and modifications to help you get the most out of MyBB.

MyBB 1.4.6 Released – Security Update

By Ryan Gordon | Published May 3rd, 2009 | Releases, Updates | Rating: 1 Star2 Stars3 Stars4 Stars5 Stars Loading ... Loading ...

MyBB 1.4.6 is a security update to the MyBB 1.4 series. It fixes 1 medium risk and 1 low risk security vulnerability. We recommend everybody upgrades to this release immediately or patch their boards with the manual patching instructions below.

These vulnerabilities affect MyBB 1.4.5. Older versions of MyBB may also be affected. Please see below for upgrade instructions for 1.2.14.

Thank you to Jacques Copeau for finding and reporting these vulnerabilities.

MyBB 1.4.5 to MyBB 1.4.6 Patch

This patch is only for users running MyBB 1.4.5. If you are running an older version of MyBB then please download MyBB 1.4.6 from the MyBB site and update to it.

Please download the attached ZIP archive and replace the files in your forum directory with those from the ZIP archive.

changed_files_1406.zip

If you wish to manually patch your board please download “mybb_1405_patches.txt” and follow the instructions in that file.

mybb_1405_patches.txt

Reporting MyBB security vulnerabilities

If you think you’ve found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we’ve had time to prepare and release a patch.

As always, you can send through security related messages on the MyBB website from the Contact Us page.

MyBB 1.2.14 Patch

This patch is only for users running MyBB 1.2.14 or any previous release of the MyBB 1.2 series.

Please download “mybb_1214_patches.txt” attached to this post and follow the manual patching instructions.

Please note all users of the 1.2.x series are urged to upgrade to the latest release of MyBB. (1.4.6)

mybb_1214_patches.txt

Comments

  1. 1.

    Staff Response: Dennis Tsang (May 3rd, 2009, 6:25 pm)

    PLEASE DO NOT POST SUPPORT REQUESTS IN THIS BLOG DISCUSSION THREAD – they will be ignored or deleted.

    If you need help please post it at the General Support forum:
    http://community.mybboard.net/forum-81.html

    This comment thread is for feedback and questions regarding the release, and any clarifications.

    Thanks for your cooperation!

  2. 2.

    Pepotiger (May 3rd, 2009, 7:24 pm)

    Thank you Ryan, the update process is so ease.

  3. 3.

    Aeroxis (May 3rd, 2009, 7:54 pm)

    Thanks you Ryan, this update is good ;)
    I like MyBB, and MyBB in spanish xD

  4. 4.

    Staff Response: MattRogowski (May 3rd, 2009, 8:05 pm)

    I’ll also just clarify that there is no upgrade script with this update, just changed files that need to overwrite the current versions.

  5. 5.

    Staff Response: Ryan Loos (May 3rd, 2009, 9:36 pm)

    Happily upgraded. :)

  6. 6.

    Alvaro (May 3rd, 2009, 9:50 pm)

    Thanks… upgrading ^^

  7. 7.

    Claudio (May 3rd, 2009, 10:15 pm)

    Smooth update. Thank you guys

  8. 8.

    Staff Response: sayakb (May 3rd, 2009, 10:20 pm)

    Upgraded 8)

  9. 9.

    polarbear541 (May 3rd, 2009, 11:43 pm)

    Upgraded nicely :)

  10. 10.

    Staff Response: Justin S. (May 4th, 2009, 12:05 am)

    Upgraded as well. :)

  11. 11.

    Demetrius McCalman (May 4th, 2009, 3:36 am)

    Cool. Upgraded with no problems. :D

  12. 12.

    Menthix (May 4th, 2009, 5:27 am)

    Thanks, upgraded and running.

  13. 13.

    Pirata Nervo (May 4th, 2009, 6:49 am)

    Upgraded successfully :)
    Thank you

  14. 14.

    member (May 4th, 2009, 8:37 am)

    This sucks

    I spent 3 hours with 1.4.4 to 1.4.5 upgrading and changing theme

    :(

  15. 15.

    Staff Response: MattRogowski (May 4th, 2009, 8:57 pm)

    1.4.5 > 1.4.6 is simply uploading a few files, nothing else has to change :)

  16. 16.

    Loque (May 5th, 2009, 5:39 am)

    Thanks for the work, thanks!!!

  17. 17.

    tyke (May 5th, 2009, 9:42 pm)

    An easy two second job, thanks

  18. 18.

    FBI (May 7th, 2009, 6:49 am)

    Yeah, I remember (few years ago) this security apply to my old SMF forum :)
    And I remember, last time my forum getting hack..
    I am glad to you Ryan, for quick fix.

    Thanks.

  19. 19.

    Deviance (May 8th, 2009, 5:03 am)

    Just changing a few files, hardly a minute work ;) .

    Thanks for the update!

  20. 20.

    MyBB 1.4.6 Released - Security Update | Bunnykins' Blog (May 8th, 2009, 10:17 am)

    [...] Source // Bookmark It Hide Sites $$(‘div.d223′).each( function(e) { e.visualEffect(‘slide_up’,{duration:0.5}) }); [...]

  21. 21.

    Anish K.S (May 9th, 2009, 8:47 pm)

    Thanks for the update :)

  22. 22.

    Zukdeen (May 10th, 2009, 12:29 am)

    Upgraded =D

  23. 23.

    JacobMarshall (May 11th, 2009, 1:42 pm)

    Great work guys!

  24. 24.

    hell (May 12th, 2009, 2:44 am)

    thank you upgraded :D yeah men

  25. 25.

    Alice (May 19th, 2009, 5:50 pm)

    :D thanks for your upgraded.
    yeah useful for me

  26. 26.

    WooWay (November 26th, 2009, 3:22 pm)

    please any one help me for upgarding my forum from 1.4.4.please mail me to wooway143@yahoo.com

    Thanks in advance.

  27. 27.

    Staff Response: MattRogowski (November 27th, 2009, 4:01 am)

    I assume you missed the big red text in the first comment.

    Make a support thread in the forums, that is why they are there.

  28. 28.

    Alex (January 10th, 2010, 8:50 pm)

    Thanks, I have upgraded the security fix, I was using 1.4.5 till now.. :)

  29. 29.

    Staff Response: MattRogowski (January 10th, 2010, 11:10 pm)

    You didn’t only apply this patch did you?? o.O This was released 8 months ago…

  30. 30.

    chanel handbags (February 28th, 2010, 1:25 pm)

    Upgraded successfully
    Thank you

  31. 31.

    lzj87980239 (February 28th, 2010, 1:27 pm)

    Thanks for the update!
    I was using 1.4.5 till now!

  32. 32.

    lzj87980239 (February 28th, 2010, 1:28 pm)

    I was using 1.4.5 till now!
    thanks for your upgraded.
    yeah useful for me.

  33. 33.

    مانشيتات دوت كوم - اخبار - مصر - العالم - الرياضة - السيارات - الاقتصاد - الحوادث - النجوم - الصحف (December 16th, 2010, 6:49 pm)

    please any one help me for upgarding my forum from 1.4.4.please mail me to wooway143@yahoo.com

    Thanks in advance.

  34. 34.

    Staff Response: MattRogowski (December 16th, 2010, 7:53 pm)

    At last person – as it quite clearly says at the top of the comments, don’t use this for support, make a support thread.

    Also, if you’re still on 1.4.4, you’ve not been taking very good care of your forum, and you’re lucky you’ve not been hacked.

Post a Comment

Note: * indicates required fields.