MyBB 1.4.13 is now available on the MyBB website and is a patch to MyBB 1.4.12 which introduced two regressions related to the security updates in MyBB 1.4.12.
This release is to ensure that all users on 1.4.12 have the proper security patches applied to their forum.
Thank you to Pirata Nervo and Labrocca for alerting us of these issues and to Stefan Esser for assisting us in a patch for Issue #843.
What’s fixed in this version?
This update does not require running the upgrader.
There are no database schema, language string, or template changes in this version.
MyBB 1.4.12 to MyBB 1.4.13 Patch
This patch is only for users running MyBB 1.4.12. If you are running an older version of MyBB then please download MyBB 1.4.13 from the MyBB site and update to it using the general [Wiki: Upgrading] guide.
Please download the attached ZIP archive and replace the files in your forum directory with those from the ZIP archive.
changed_files_1413.zip
Alternatively, if you are running MyBB 1.4.11, you may follow the “MyBB 1.4.11 to MyBB 1.4.12 Patch” instructions in the MyBB 1.4.12 announcement and then apply the MyBB 1.4.12 to MyBB 1.4.13 patch above.
The following files were changed since the initial MyBB 1.4.12 release:
- inc
- datahandlers
- post.php
- functions.php
- class_core.php
- datahandlers
* Red represents files that contain security updates
* Green represents new files added in this release
Reporting MyBB security vulnerabilities
If you think you’ve found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we’ve had time to prepare and release a patch.
As always, you can send through security related messages on the MyBB website from the Contact Us page.
MyBB 1.2.14 Patch
All users of the 1.2.x series are urged to upgrade to the latest release of MyBB. (1.4.13) MyBB 1.2 is no longer being supported and security updates for the MyBB 1.2 series ceased as of January 1, 2010.
Thank you,
MyBB Team
MyBB Blog 
Thanks for your great work, Keep it up =]
thanks mybb team, keep it up.
thanks mybb team…
NOW I’m gonna upgrade
Great, I can become an active poster again!
Nice MyBB Group, a speed release :O
Cool.I wonder if there will be a 14th subversion of 1.4 subversion!
I saw that that 1.4.12 will be the last release of the 1.4 series.But no, some more bugs are fixed 🙂
Keep up the good work and we all are waiting for 1.6.Release as soon as you can!
Many thanks MyBB team for all of the updates
it’s much appreciated!
Thanks for the quick fix Devs 🙂
Great ! I like the new version. It’s important to update because of security reasons.
Thanks for the update as always.
Previously these announcements were made in the forum, which had one pro: when you subscribed to that specific forum you got an instant email when there was a new topic (release). Right now, we are only informed by the mailing list, which sometimes have delays of several days or a whole week. In this case the email about 1.4.12 & 1.4.13 was sent on 19th which arrived on time (which was nice!), but there was nothing sent about 1.4.12 when it was released on april 13th (or at least nothing received). With the forum subscription we would’ve been notified immediately about 1.4.12 instead of 6 days later.
Are there any plans to somehow make a forum subscription available again so we can receive instant messages?
zoog: The reason that the email from the mailing list is sometimes not instant is that we release it and allow some time for any errors that we may have missed to be found by members and reported before we have everyone upgrade and encounter errors.
If you’d like I’m sure you can subscribe to the blog via the RSS feed.
Thanks for the reply Ryan. I thought it was due to technical issues or mailinglist size, but I understand now. I really liked the instant subscription email though, but I’ll have a look at how to subscribe to the blog.
Thanks.
Hey mybb nice work could you please update your scripts with the latest mod_security?