The phpBB2 forum software that can be installed from the Account Manager has been upgraded to the latest 2.0.15 version. This release is mainly a bugfix release, fixing the following issues:
* Fixed moderator status removal in groupcp.php
* Removed newlines after ?> on some files
* Added admin re-authentication (admin needs to login seperately to access the ACP)
* Fixed vulnerability in url/bbcode handling functions
* Fixed issue in admin/admin_forums.php
* Suppressed warning message for fsockopen in /includes/smtp.php
* Fixed bug in admin/admin_smilies.php (admin is able to add empty smilies)
* Adjusted documents to reflect the urgent need to update the files too (not only running the database update script)
* Added one new language variable
* Added general error if accessing profile for a non-existent user
* Changed session id generation to be more unique
* Fixed bug in highlight code to escape characters correctly
* Fixed bypassing of validate_username on registration
* Empty url/img bbcodes no longer get parsed
Previous versions of phpBB2 that were installed have been patched to include the security related fixes applicable to this new version.
- LexiConn Support
