MyBB 1.6.1 Released
RocketFoot Offline
Senior Member
****
Posts: 338
Joined: Jul 2010
Post: #1
MyBB 1.6.1 Released
MyBB 1.6.1 released Dec. 15th, 2010

http://blog.mybb.com/2010/12/15/mybb-1-6...http://blog.mybb.com/2010/12/15/mybb-1-6-1-release-1-4-

I wonder if this upgrade will be rough?  My board is heavily modified with plugins as well as theme edits.  I don't have a default theme installed, I only use 1 custom theme.  Any suggestions?  Wait a while maybe?

[Image: gallery_2_628_39582.jpg]
12-17-2010 12:50 AM
Find all posts by this user Quote this message in a reply
leefish Offline
Hamster
*****
Posts: 1,009
Joined: Apr 2010
Post: #2
RE: MyBB 1.6.1 Released
Well, I always wait a couple of days before upgrading what have you, then we will see if any thing major breaks. There are security issues though so hrmmm.


[Image: leelink.gif]
MYBB1.6 & XThreads
12-17-2010 01:10 AM
Visit this user's website Find all posts by this user Quote this message in a reply
RocketFoot Offline
Senior Member
****
Posts: 338
Joined: Jul 2010
Post: #3
RE: MyBB 1.6.1 Released
(12-17-2010 01:10 AM)leefish Wrote:  Well, I always wait a couple of days before upgrading what have you, then we will see if any thing major breaks. There are security issues though so hrmmm.

You're probably in the same boat as me...your board is heavily modified!  I dread these releases!  I run an IPB board and the same thing, every few months, another minor or major release is rolled out!

[Image: gallery_2_628_39582.jpg]
12-17-2010 01:13 AM
Find all posts by this user Quote this message in a reply
MattR Offline
Junior Member
**
Posts: 40
Joined: Jul 2010
Post: #4
RE: MyBB 1.6.1 Released
That's why we provide the manual patches file for the security fixes... sometimes I get the feeling people would rather just have bugs than update and have them fixed... plugins will have absolutely no impact on this upgrade, and only 3 templates need to be reverted to default if you've even made edits to them, are you saying you've edited loads of core PHP files??
(This post was last modified: 12-17-2010 01:42 AM by MattR.)
12-17-2010 01:33 AM
Find all posts by this user Quote this message in a reply
leefish Offline
Hamster
*****
Posts: 1,009
Joined: Apr 2010
Post: #5
RE: MyBB 1.6.1 Released
(12-17-2010 01:33 AM)MattR Wrote:  That's why we provide the manual patches file for the security fixes... sometimes I get the feeling people would rather just have bugs than update and have them fixed... plugins will have absolutely no impact on this upgrade, and only 3 templates need to be reverted to default if you've even made edits to them, are you saying you've edited loads of core PHP files??

Hmm, no. What I WAS saying is that my usual practice of giving it a couple of days might be changed because of the security fixes.

This is why I have downloaded the manual patch and am patching before I upgrade in  couple of days.

Stop assuming stuff all the time, eh?


[Image: leelink.gif]
MYBB1.6 & XThreads
(This post was last modified: 12-17-2010 01:56 AM by leefish.)
12-17-2010 01:54 AM
Visit this user's website Find all posts by this user Quote this message in a reply
MattR Offline
Junior Member
**
Posts: 40
Joined: Jul 2010
Post: #6
RE: MyBB 1.6.1 Released
My post was aimed at RocketFoot...
(This post was last modified: 12-17-2010 02:23 AM by MattR.)
12-17-2010 02:23 AM
Find all posts by this user Quote this message in a reply
leefish Offline
Hamster
*****
Posts: 1,009
Joined: Apr 2010
Post: #7
RE: MyBB 1.6.1 Released
(12-17-2010 02:23 AM)MattR Wrote:  My post was aimed at RocketFoot...

LOL - that will teach me to assume Smile

also - Rocketfoot - you should do the security edits.


[Image: leelink.gif]
MYBB1.6 & XThreads
(This post was last modified: 12-17-2010 02:27 AM by leefish.)
12-17-2010 02:24 AM
Visit this user's website Find all posts by this user Quote this message in a reply
MasterZuFu Offline
Member
***
Posts: 97
Joined: Dec 2010
Post: #8
RE: MyBB 1.6.1 Released
Due to the security issues related to this upgrade, I upgraded mine right away (I learned the hard way a few years ago and neglected up to a week before upgrading -unfortunately this was the mybb 1.4 upgrade dealing with a HUGE security vulnerability that allowed a hacker to gain admin permissions and even root mybb for a backdoor attack later-, while I was in the middle of doing my upgrade my site was hacked and I found myself and my sysadmin in the middle of a 30 minute battle trying to block the hacker and revert things to normal while he undid everything we did, it took some time but we finally outsmarted him.).

I highly suggest upgrading due to the security threats involved.

I would note that my "Trading forum" and "Training forum" had a slight mishap after the upgrade. When I made a new thread it gave me an sql error because I didn't have a default "no image" picture in the /images folder, so even uploading an image wouldn't work unless I had the /images/no_image.gif file in there. I'll post this problem in the "Trading Forum" section as well, maybe there's an update or fix for it, but it made me put the "no image" in there anyways. Tongue

12-17-2010 02:34 AM
Visit this user's website Find all posts by this user Quote this message in a reply
RocketFoot Offline
Senior Member
****
Posts: 338
Joined: Jul 2010
Post: #9
RE: MyBB 1.6.1 Released
MattR, I do have some edits to php files, I'll have to look and see if mine are any of the ones mentioned in the blog.  Also, please don't take my post wrong...I appreciate the updates and security patches but i just wish that it could be easier and with less mess!  LOL.  I consider myself somewhat experienced and still have trouble but for a rookie forum master, an update could be really ugly.

[Image: gallery_2_628_39582.jpg]
12-17-2010 03:12 AM
Find all posts by this user Quote this message in a reply
ZiNgA BuRgA Offline
Fag
*******
Posts: 3,357
Joined: Jan 2008
Post: #10
RE: MyBB 1.6.1 Released
I believe it's an XSS fix, which isn't *too* big of a hole TBH.  It's been public knowledge for a while anyway: http://dev.mybb.com/issues/1331
Worst case scenario for an XSS attack is that someone gets an admin account, however, they'll unlikely be able to get AdminCP access.

Considering that so many custom MyCodes essentially give XSS vulnerabilities, and no-one seems to notice until I point it out, I really doubt you're at much risk of an XSS based attack.
Nevertheless, it's possible I guess >_>

For people who mod files, just do a diff of your modified files against a stock 1.6.0 (WinMerge is handy) to find what you've modified.  You can even try creating a patch file and applying it to 1.6.1, though it may not work.

My Blog
(This post was last modified: 12-17-2010 09:13 AM by ZiNgA BuRgA.)
12-17-2010 09:10 AM
Find all posts by this user Quote this message in a reply

« Next Oldest | Next Newest »

 Standard Tools
Forum Jump: