MyBB Merge System for 1.6.10 is now available from the MyBB website and is a maintenance update to the MyBB Merge 1.6 series.
This release is to ensure that users of the MyBB Merge System are able to upgrade and continue to use MyBB 1.6.10.
If you are using or looking to upgrade to MyBB 1.6.10 it is imperative you use this version of the Merge System.
The MyBB Team are working hard to create and update modules for the MyBB Merge System. More information is coming soon!
MyBB 1.6.10 is now available from the MyBB website and is a security and maintenance release.
This release fixes 7 vulnerabilities and over 95 reported issues causing incorrect functionality of MyBB. Please be aware that to be able to provide easy to manage updates not all issues have been fixed in this version.
A considerable amount of effort has been put in to MyBB 1.6.10 to fix a myraid of issues with PHP 5.4. This is the main reason why the release has been delayed until now. MyBB 1.6.10 should now be compatible with PHP 5.4 hosts.
Please view the 1.6.10 changes on the Docs site for more information about the changes in this version.
Before performing any upgrade please remember to backup your forum’s files and database and store them safely. If you have edited core files, including language files, please make sure you make a changelog for these changes so you can make them again (if necessary) once the upgrade is complete.
To upgrade, follow the Upgrading process. The upgrade script is required. There are changes to 12 language files. 25 templates have been changed or added.
If you’re using MyBB 1.6.9
- Download and use the Changed Files Package (MD5: e1e3d8db4a8ca06c527ff5692cf2ca24)
- Follow the Docs Upgrading Instructions
If you’re using MyBB 1.6.8 or lower
- Download and use thefull 1.6.10 Release Package (MD5: 8243d6788a92b7ffa921f131f4dcc84f)
- Follow the Docs Upgrading Instructions
If you think you’ve found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we’ve had time to prepare and release a patch.
As always, you can send through security related messages on the MyBB website from the Contact Us page or in our Private Inquiries forum – where you can start a new thread that only you and the MyBB Team can see.
Thanks,
MyBB Team
MyBB 1.6.9 is now available from the MyBB website and is a security release for the 1.6 series.
It has come to our attention that there is an SQL injection vulnerability in all versions of MyBB, including MyBB 1.6.8. We advise all MyBB forum owners to upgrade their forum as soon as possible.
With thanks to frostschutz and StefanT for finding and reporting these issues.
Vulnerabilities fixed:
Bugs fixed:
We apologise for any inconvenience.
Before performing any upgrade please remember to backup your forum’s files and database and store them safely. If you have edited core files, including language files, please make sure you make a changelog for these changes so you can make them again once the upgrade is complete.
To upgrade, follow the Upgrading process. The upgrade script is required. There are changes to 1 language file (messages.lang.php). There are changes to 3 templates (portal_welcome_guesttext, loginbox & codebuttons).
If you’re using MyBB 1.6.8
If you’re using MyBB 1.6.7 or below
If you think you’ve found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we’ve had time to prepare and release a patch.
As always, you can send through security related messages on the MyBB website from the Contact Us page or in our Private Inquiries forum – where you can start a new thread that only you and the MyBB Team can see.
Thank you,
MyBB Team
MyBB 1.6.8 is now available from the MyBB website and is a general maintenance release.
This release fixes over 40 reported issues causing incorrect functionality of MyBB. Please be aware that to be able to provide easy to manage updates not all issues have been fixed in this version.
Please view the 1.6.8 changes in the wiki for more information about the changes in this version.
About half of the files that have changed in this version have been updated to match MyBB Development Standards. A full list of actual changed files (files with bug fixes) and standards changes are available from the Wiki.
These standards include removing whitespace at the end of files and ensuring they are encoded properly.
Before performing any upgrade please remember to backup your forum’s files and database and store them safely. If you have edited core files, including language files, please make sure you make a changelog for these changes so you can make them again (if necessary) once the upgrade is complete.
To upgrade, follow the Upgrading process. The upgrade script is required. There are changes to 4 language files (with 23 having standard updates). 2 templates have been changed.
If you’re using MyBB 1.6.7
- Download and use the Changed Files Package (MD5: 68cbdca5c5dbf9e6e7bf26f29b44ebed)
- Follow the Wiki Upgrading Instructions
If you’re using MyBB 1.6.6 or lower
- Download and use the full 1.6.8 Release Package (MD5: b6a40feff176bffa8a46b087e6228beb)
- Follow the Wiki Upgrading Instructions
If you think you’ve found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we’ve had time to prepare and release a patch.
As always, you can send through security related messages on the MyBB website from the Contact Us page or in our Private Inquiries forum – where you can start a new thread that only you and the MyBB Team can see.
Thanks,
MyBB Team
MyBB 1.6.7 is now available from the MyBB website and is a security, maintenance and feature update.
In 1.6.7 there are 5 new feature updates and over 70 reported issues fixed. Please be aware that to be able to provide easy to manage updates not all issues have been fixed in this version.
1.6.7 fixes 5 low-risk security vulnerabilities.
ACP vulnerabilities require Administrator permissions and so considered low-risk. We recommend planning your upgrade as quickly as possible to ensure your forum is as secure as it can be.
New features included in 1.6.7 update include the ability to login with a username, an email or both. For more information about new features, please see the Wiki on 1.6.7.
Before performing any upgrade, please remember to backup your forum’s files and database and store them safely. If you have edited core files, including languages files, please make sure you make a change log for these changes so you can make them again once the upgrade is complete.
To upgrade, follow the Upgrading process. The upgrade script is required. There are also language and theme changes.
If you’re using MyBB 1.6.6
- Download and use the Changed Files Package
If you’re not using MyBB 1.6.6
- Download and use the full 1.6.7 release package
If you think you’ve found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we’ve had time to prepare and release a patch.
As always, you can send through security related messages on the MyBB website from the Contact Us page or in our Private Inquiries forum – where you can start a new thread that only you and the MyBB Team can see.
MyBB Merge System 1.6.7 is now available on the MyBB website and is a maintenance update to the MyBB Merge 1.6 series.
This release is to ensure that all users of MyBB Merge 1.6 have the latest fixes.
This release fixes several reported issues since the release of 1.6.3, which caused some incorrect functionality of the Merge System. These bugs have been fixed to provide a more stable version of the Merge System for public use.
This includes some critical fixes for phpBB that caused infinite loops.
We recently held our MyBB Mascot Naming Contest. Many community members proposed names and after a week a poll with the top names was put up. After another week of voting, the name “Bolt”, after MyBB founder Chris Boulton, was chosen. Proposed by Mebes Net, we of the MyBB Team feels this name conveys the strength and speed of MyBB very effectively.
We are proud to present to you the MyBB Mascot, Bolt!
Everyone here at MyBB are proud to announce the impending arrival of our next major feature release – MyBB 1.8.
Over the last 2 months we’ve been developing in secret at our Github lair, plotting to once again attempt to take over the forum world with our evil plans and awesome free software and to celebrate the 10th anniversary of DevBB – our supreme overlord predecessor.
1.8 isn’t as big of an overhaul as 1.2, 1.4 or 1.6 upgrades which introduced more than 100 features; this is more of a facelift. We took Justin, our lead designer, and locked him in a room with nothing but bacon and water until he came up with a new default theme which is taken from one of (if not the) most popular theme collections used by MyBB communities across the world; his Apart series. That’s not all – we developed attachable base colours to themes so that creating (and using) multi-coloured themes no longer involve adding 14 separate styles. You add just one. A new default theme for your Admin Control Panel (ACP) is available too.
For more than half of MyBB’s rule of the forum world, our JavaScript has been powered by Prototype. It was a popular library when we started using it but it has fallen behind a more powerful (and popular) rival and so we’ve consigned it to MyBB history; MyBB 1.8 is powered by jQuery.
Two of the most requested features for MyBB will also be heading to 1.8. With our switch to jQuery, along comes a new post editor (yet to be decided) and a Trash Can – or more the ability to recover deleted posts via the Mod CP.
Along with the regular bug fixes and a host of other planned improvements, such as an APC cache handler, being able to make a cup of hot cocoa, separating the plugin list to active/inactive, making some functions a bit easier to use and projecting your forum’s logo onto the face of the Moon, we’ll be working with MyBB gurus to improve performance, plugin integrations and we’re looking into making the authentication to 3rd party software much easier too with a dedicated login datahandler. It doesn’t have to be just gurus though; we’ll be opening up 1.8 to everyone on Github so that they too can fork, improve, update and become one with the MyBB Team.
We’re all very excited about this release and hope you are too! More information will be coming soon but in the mean time please feel free to suggest more improvements in our Suggestions and Feedback Forum!
Thanks,
MyBB Team
MyBB Merge System 1.6.3 is now available on the MyBB website and is a maintenance update to the MyBB Merge 1.6 series.
This release is to ensure that all users of MyBB Merge 1.6 have the latest fixes.
This release fixes several reported issues since the release of 1.6.2, which caused some incorrect functionality of the Merge System. These bugs have been fixed to provide a more stable version of the Merge System for public use.
This includes some critical fixes for things that will cause the system to catastrophically fail.
NOTE: After this release the merge system will jump to match MyBB’s version. So when MyBB 1.6.7 is released, MyBB Merge System 1.6.7 will be released with it. We’re going to try very hard to use that scheme from now on.
As always, you can send through security related messages on the MyBB website from the Contact Us page.
Thank you,
MyBB Team
MyBB 1.6.6 is now available from the MyBB website and is a security release for the 1.6 series.
In 1.6.6, 1 major issue and 14 low risk vulnerabilities have been fixed. Only the issues listed below are fixed; a further maintenance release will be available with general fixes to functionality in the near future.
Thanks to SQA Team Member Nathan Malcolm for finding all of these!
For more information on these vulnerabilities, please view the 1.6.6 Changes in the Wiki.
Before performing any upgrade, please remember to backup your forum’s files and database and store them safely. If you have edited core files, including language files, please make sure you make a changelog for these changes so you can make them again once the upgrade is complete.
To upgrade, follow the Upgrading process. The upgrade script is required. There are changes to 1 language file. There is 1 change to themes. Please view the 1.6.6 Changes in the Wiki for more information about these changes.
If you’re using MyBB 1.6.5
- Download and use the Changed Files Package (MD5 checksum: 4bc870306925bf40643ad7550479c741)
- Follow the Wiki Upgrading instructions
If you’re not using MyBB 1.6.5
- Download and use the full 1.6.6 release package (MD5 checksum: 79823144eb149fc4f89a1bcf7443a6c3)
- Follow the Wiki Upgrading instructions
If you think you’ve found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we’ve had time to prepare and release a patch.
As always, you can send through security related messages on the MyBB website from the Contact Us page or in our Private Inquiries forum – where you can start a new thread that only you and the MyBB Team can see.
Thank you,
MyBB Team
MyBB 1.6.5 is now available from the MyBB website and is a feature update, security and maintenance release for the 1.6 series.
In 1.6.5, there are 3 vulnerabilities and over 70 reported issues fixed. Please be aware that not all of the existing problems have been fixed in this version.
Thanks to everyone who helped find and resolve the issues!
There are also over 10 new feature updates in 1.6.5. These range from the ability to locate spam users from the ACP to reCAPTCHA support. To get a summary of these new updates and for a list of changed files and language pack changes, please see the Wiki on 1.6.5.
Before performing any upgrade, please remember to backup your forum’s files and database and store them safely. If you have edited core files, including language files, please make sure you make a changelog for these changes so you can make them again once the upgrade is complete.
If you have any plugins installed that limit signatures or provide reCAPTCHA, or might not be needed because of the new default settings available, it’s suggested to uninstall these before the upgrade. If you’re unsure, create a thread in the General Support section of the Community Forum with your plugin list and a useful member will be able to tell you the plugins that need to be disabled.
To upgrade, follow the Upgrading process. The upgrade script is required. There are also language and theme changes.
If you’re using MyBB 1.6.4
- Download and use the Changed Files Package
- Follow the Wiki Upgrading instructions
If you’re not using MyBB 1.6.4
- Download and use the full 1.6.5 release package
- Follow the Wiki Upgrading instructions
In 1.6.5, there are some fundamental changes to the Plugin System. These changes were made to provide greater support for PHP 5.3 and above.
These changes mean that you may need to upgrade some of the plugins you are running on your forum before upgrading to 1.6.5. If you are a Plugin Developer, you need to check your plugins to see if you are required to change them so they work with the new version.
Please see the 1.6.5 Plugin System Changes Wiki for an explanation of the changes. There is also the Plugin Changes coming in 1.6.5 thread on the Community Forums.
For those users who have been using Merge System 1.6.1 and earlier, there is a new update ready for you.
You can read more about it in the 1.6.2 Update Blog Post.
In the near future, the Merge System will be following the main branch of MyBB – for example, if you’re using MyBB 1.6.8 you’ll need Merge System 1.6.8. This will mean that the Merge System will jump several minor points. These changes have yet to come into effect, so please continue to use Merge System 1.6.2. We’ll announce further details nearer the time of the changes.
In October, we found that a 3rd party had compromised the MyBB server and the 1.6.4 release was modified to contain a hidden vulnerability. If you’re current using 1.6.4 and have had no prior knowledge of this, then we urge you to upgrade to 1.6.5 as soon as possible.
As a result of the compromise to our systems we will be hosting our download packages on github, we will continue to do this until we are confident our systems here are just as secure as what github can offer.
Here are the MD5 checksums for the release packages:
mybb_1605.zip: 032403cee9d25110370ace935803ab9d
1605_changedfiles.zip: 91e6055b758c0aa233503a2a7528a7b0
If you think you’ve found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we’ve had time to prepare and release a patch.
As always, you can send through security related messages on the MyBB website from the Contact Us page.
Thank you,
MyBB Team
MyBB Merge System 1.6.2 is now available on the MyBB website and is a maintenance update to the MyBB Merge 1.6 series.
This release is to ensure that all users of MyBB Merge 1.6 have the latest fixes.
This release fixes several reported issues since the release of 1.6.1, which caused some incorrect functionality of the Merge System. These bugs have been fixed to provide a more stable version of for public use.
As always, you can send through security related messages on the MyBB website from the Contact Us page.
Thank you,
MyBB Team
MyBB 1.6.4 is now available from the MyBB website and is a feature update, security and maintenance release for the 1.6 series.
In 1.6.4, there are 2 new updates and over 100 reported issues fixed.
Please be aware that not all of the existing problems have been fixed in this version. Because of the size of the updates, these will be fixed in a later release.
The 2 new updates included in 1.6.4 are only small – one globally switches on/off plugins and the other detects whether an Administrator has renamed the Portal to check for file verifications.
There are also 3 security updates for 1.6.4. Overall, they are low risk vulnerabilities as they all require administrator permissions – however, one of these is classed as high risk if a user manages to get into the Admin Control Panel (ACP).
As a result of this, it is recommended that only certain types of variables are used in templates that follow the MyBB Development Standards – although other types may be used it the templates are installed to the database through your plugin, Administrators will not be able to save templates with these variables in.
Theme Artists and Plugin Developers should take a close look at the new changes to see if their work will be affected by the new changes and update them accordingly.
In 1.6.4, there are a number of performance-related updates. These range from small code changes to caching thread prefixes. More information about these are available on 1.6.4’s page in the Wiki.
Almost everyone should be able to see at least some benefits from these changes.
Due to the size of this release and due to release errors earlier in the 1.6 series, all files need to be changed. This is to ensure that you have the latest versions of the software’s files which can be hard to trace from earlier releases.
This upgrade process is the same for any version of MyBB. Before performing any upgrade, please remember to backup your forum’s files and database and store them safely. If you have edited core files, please make sure you make a changelog for these changes so you can make them again once the upgrade is complete.
If you have installed plugins that require changes to core files, you will need to make those changes again.
To upgrade, follow the Upgrading process. The upgrade script is required. There are also language and theme changes.
If you require support for upgrading to 1.6.4, please see the 1.6 General Support Forum.
We’ve made a handy reference guide to what’s changed in 1.6.4 in the Wiki. We’ll be doing this for each version in the future too so you can see what we’re working on.
View 1.6.4 Changes in the Wiki.
For those users who have been using Merge System 1.6.1 and earlier, there is an important security update ready for you.
You can read more about it in the 1.6.1 Update Blog Post.
Thank you,
MyBB Team
MyBB Blog 