MyBB Development Blog

Welcome to the MyBB Development Blog. Here you'll find updates relating to the development of future versions of MyBB as well as technical discussions, tips, tricks and modifications to help you get the most out of MyBB.

MyBB 1.4.9 Released – Security Update

By Ryan Gordon | Published September 21st, 2009 | Releases, Updates | Rating: 1 Star2 Stars3 Stars4 Stars5 Stars Loading ... Loading ...

MyBB 1.4.9 is a security update to the MyBB 1.4 series. It fixes 1 high risk security vulnerability and two low risk issues. We recommend everybody upgrades to this release immediately or patch their boards with the manual patching instructions below.

These vulnerabilities affects MyBB 1.4.8. MyBB 1.2 is also affected.

Thank you to endeavormac, frostschutz, and TheLinx for alerting us of these issues.

MyBB 1.4.8 to MyBB 1.4.9 Patch

This patch is only for users running MyBB 1.4.8. If you are running an older version of MyBB then please download MyBB 1.4.9 from the MyBB site and update to it.

Please download the attached ZIP archive and replace the files in your forum directory with those from the ZIP archive.

changed_files_1409.zip

If you wish to manually patch your board please download “mybb_1408_patches.txt” and follow the instructions in that file.

mybb_1408_patches.txt

Please Note: You do not have to run the upgrade script for this release.

Reporting MyBB security vulnerabilities

If you think you’ve found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we’ve had time to prepare and release a patch.

As always, you can send through security related messages on the MyBB website from the Contact Us page.

MyBB 1.2.14 Patch

Please follow step #1 in the mybb_1408_patches.txt file as listed above.

Please note all users of the 1.2.x series are urged to upgrade to the latest release of MyBB. (1.4.9) MyBB 1.2 is no longer being supported, though security updates for the MyBB 1.2 series will last through December 2009.

Comments

  1. 1.

    Aglioeolio (September 21st, 2009, 1:58 pm)

    Thanks mybbgroup!!!

    I will upgrade now

  2. 2.

    FDL (September 21st, 2009, 2:24 pm)

    thanks, upgraded ;)

  3. 3.

    Staff Response: Ryan Loos (September 21st, 2009, 2:29 pm)

    PLEASE DO NOT POST SUPPORT REQUESTS IN THIS BLOG DISCUSSION THREAD – they will be ignored or deleted.

    If you need help please post it at the General Support forum:
    http://community.mybboard.net/forum-81.html

    This comment thread is for feedback and questions regarding the release, and any clarifications.

    Thanks for your cooperation.

  4. 4.

    Emperor (September 21st, 2009, 2:31 pm)

    Thanks MyBB
    as always very keen to help others, Thanks for the update.

    Updating now :)

  5. 5.

    mrl586 (September 21st, 2009, 3:17 pm)

    I see some PHP 5.3.0 related errors after upgrade. Someone MyBB Staff member said before that this MyBB version is fully compatible with PHP 5.3.0.

  6. 6.

    MyBB 1.4.9 released | Awesome Styles blog (September 21st, 2009, 3:37 pm)

    [...] More information about this release can be found on the MyBB blog [...]

  7. 7.

    Staff Response: Ryan Gordon (September 21st, 2009, 4:14 pm)

    Due to this being a security only release, any bug fixes are automatically bumped to the next available maintenance release.

  8. 8.

    MyBB Blog » Blog Archive » MyBB 1.4.9 Released – Security Update Hello CMS - the best cms website (September 21st, 2009, 4:32 pm)

    [...] here: MyBB Blog » Blog Archive » MyBB 1.4.9 Released – Security Update By admin | category: MyBB, Object | tags: development, find-updates, future-versions, [...]

  9. 9.

    Darkmew (September 21st, 2009, 4:37 pm)

    updating pronto …

  10. 10.

    MyBB 1.4.9 released | Forum Bite - the forum blog (September 21st, 2009, 5:00 pm)

    [...] More information about this release can be found on the MyBB blog [...]

  11. 11.

    Anish KS (September 21st, 2009, 5:41 pm)

    Updated to latest version.

  12. 12.

    habs (September 21st, 2009, 7:29 pm)

    Upgrade done! :D

  13. 13.

    Pepotiger (September 21st, 2009, 8:13 pm)

    updated here, thank you guys.

  14. 14.

    GecKoTDF (September 21st, 2009, 9:49 pm)

    Great, very fast, MyBB the best.

  15. 15.

    Staff Response: MattRogowski (September 21st, 2009, 11:16 pm)

    Mmmm updates :)

  16. 16.

    العربي (September 22nd, 2009, 12:07 am)

    thank you,
    good luck mybb team.

  17. 17.

    Menthix (September 22nd, 2009, 12:52 am)

    Thanks, update went smooth as always.

  18. 18.

    Fábio (September 22nd, 2009, 1:19 am)

    AMAZING. Thank you.

  19. 19.

    catfished (September 22nd, 2009, 2:40 am)

    Thanks, took less than a minute from download to completion.

  20. 20.

    GM (September 22nd, 2009, 4:45 am)

    Successfully upgrade.. :D

    Thanks for fast update..

  21. 21.

    Staff Response: Polarbear541 (September 22nd, 2009, 5:20 am)

    I smell 1.4 going into second digits :P

  22. 22.

    Alvaro (September 22nd, 2009, 7:37 am)

    Thanks…
    Forums upgraded ;)

  23. 23.

    Angelbg (September 22nd, 2009, 11:34 am)

    Wow, nice post, thank you.

    I love this forum software. :D

  24. 24.

    Pete (September 22nd, 2009, 5:20 pm)

    Yep – 1.4 in second digits definitely pongs. Wicked upgrade, thank you!

  25. 25.

    MyBB Blog » Blog Archive » MyBB 1.4.9 Released – Security Update Scripts Rss (September 22nd, 2009, 9:57 pm)

    [...] original post here:  MyBB Blog » Blog Archive » MyBB 1.4.9 Released – Security Update By admin | category: MyBB, Object | tags: development, find-updates, future-versions, [...]

  26. 26.

    Deviance (September 22nd, 2009, 10:50 pm)

    Once again a smooth upgrade that’s done within the minute, great work guys.

  27. 27.

    chowkuey (September 24th, 2009, 5:36 pm)

    1.2.x need to upgrade only step #1 isn’t it?

  28. 28.

    Staff Response: MattRogowski (September 25th, 2009, 5:28 pm)

    Yes, as it says above, just the first step of the manual patches :)

  29. 29.

    ghazal (September 26th, 2009, 5:12 pm)

    Great news, I will upgrade my http://www.mybbcodes.com forum now. Thanks for the release Ryan Gordon ;)

  30. 30.

    dared (September 27th, 2009, 1:34 am)

    this is just a security update right? not maintaince so php 5.3.0 still not supporting. i’m asking couse of this thread: http://community.mybboard.net/thread-52195.html

  31. 31.

    Staff Response: StefanT (September 27th, 2009, 8:11 pm)

    You are right. MyBB 1.4.9 will not work correctly with PHP 5.3.

  32. 32.

    ghazal (October 7th, 2009, 12:22 am)

    OMG: My hosts’s php is upgradng to 5.3 . Can you please resolve this NON SUPPORTING ISSUE please.

    Kind regards

  33. 33.

    Staff Response: MattRogowski (October 9th, 2009, 2:47 am)

    ghazal, the fix for this has probably been linked to 100 times in the support forum, search.

  34. 34.

    ghazal (October 13th, 2009, 2:42 am)

    Thanks for pointing out ;) MattR

  35. 35.

    windowsmediaman (October 29th, 2009, 3:40 am)

    You guys should make it where in the update just the files that are updated you download instead of having to overwrite it all.

  36. 36.

    Staff Response: MattRogowski (October 30th, 2009, 6:34 am)

    @windowsmediaman Erm… I assume you missed this then: changed_files_1409.zip

    We always provide the changed files separately…

Post a Comment

Note: * indicates required fields.