by Juanm on Wednesday February 11th, 2009 08h08:13
Acyd Burn @ phpBB.com,Feb 10, 2009 23:11:01 wrote:As you probably know, we were attacked for unknown reasons by an individual using an exploit against our PHPList installation within hours of the exploit being publicly posted on a well-known exploit site. Facilitated by mistakes and - in retrospect mistaken - performance considerations in our server setup, the attacker was able to steal all email addresses from our mailing list, as well as the password hashes from this board's database.
And then the most important thing:
In a reckless act of showmanship, he later posted all this information on a blog.
We urge all our community members to change their passwo...
As you might have already seen from this global announcement yesterday morning, phpBB.com server was cracked by a script kid who exploited a vulnerability on phplist found surfing through a 'security' site, and then leaked the stolen data with the world.
No vulnerability was found into phpBB3 itself.
Please note that your account on phpbb.com might have been compromised (e.g. : password leaked) if you didn't login after the conversion to the new password hashing system (MD5 can be bruteforced). Please note also that we strongly advice you not to use the same combination password-usernam...
Last edited by Juanm on Monday February 2nd, 2009 09h22:00, edited 2 times in total. Reason:updated
We are sorry to report that we have been attacked through a vulnerability in an outdated PHPList installation. phpBB.com will remain unavailable while we work to recover. No new vulnerabilities have been found in the phpBB software itself. | phpBB 3.0.4 available from http://www.ohloh.net...
Last edited by Juanm on Monday February 2nd, 2009 09h19:21, edited 3 times in total. Reason:updated
It was down since the site conversion, happened on August 3rd, 2008. Now the photoalbum RSS feed has been brought to a new life. As an addition, latest posts, latest downloads, latest album photos appear on the right side of the home page too.
19h18' ... this is the timeframe passed from the official closing of phpBB2 support and 2.0.x support forum locking on phpBB.com
Marshalrusty, here wrote:Most phpBB2 resources have been removed from the Support Section of the site and further pruning will take place within the next few weeks. phpBB2 Knowledge Base articles will be reposted in the archived forum.
And then ....
There are a number of third party sites which have opened for the purpose of offering assistance with phpBB2. Additionally, some international support sites have decided to continue supporting phpBB2. As stated on the international support site page, php...
We are very pleased to announce the availability of the "one year anniversary" phpBB 3.0.4 package. With this release we would like to thank everyone who supported phpBB the past years. This release fixes some bugs introduced with the changes in 3.0.3, corrects minor issues, fixes two security bugs and also increases performance significantly.
Please note that we urge you to update. The versions we currently support here are phpBB 2.0.23 and phpBB 3.0.4. Bug submissions and incident reports for older versions will be closed.
changelog from 3.0.3 as follows
[code] * [Fix] Allow mixed-case template directories to be inherited (Bug #36725) * [Fix] Regression bug from revis...
Last edited by Juanm on Saturday December 13th, 2008 15h04:54, edited 1 time in total. Reason:Dload location added
by Juanm on Wednesday November 12th, 2008 22h32:04
Acyd Burn, phpBB.com dev team leader announced tonight the availability of phpBB 3.0.3
This version has seen numerous stability fixes, performance tweaks and general bugs fixed. Apart from some tiny new features, this version also introduces two major new features: template inheritance and a post-based queue.
Please note that we urge you to update. The versions we currently support here are phpBB 2.0.23 and phpBB 3.0.3. Bug submissions and incident reports for older versions will be closed.
Important changes since 3.0.2:
[code] * [Fix] Correctly set topic starter if first post in topic removed (Bug #30575 - Patch by blueray2048) * [Fix] Added VST - Venezuela Standard Time (Bug #30545). * [Fix] Close DB conn...