As with previous releases three different packages are available:
- Full Package
Contains entire phpBB2 source and English language package - Changed Files Only
Contains only those files changed from previous versions of phpBB. Please note this archive contains changed files for each previous release - Patch Files
Contains patch compatible patches from the previous versions of phpBB.
Please ensure you read the INSTALL and README documents in docs/ before proceeding with installation or updates!.
Note to 2.0.3 users intending to use the patch file version
Users of 2.0.3 intending to use the patch version may (but not necessarily will) need to run fix_files.sh (found in the contrib/ directory with the downloaded archive) before patching.
We recommend that all 2.0.3 users do a "dry run" patch first to see whether this you need to use this fix. To do this append --dry-run to the patch command, e.g. patch -cl -p1 --dry-run < phpBB-2.0.3_to_2.0.7.patch. This will prevent any permanent changes being made to your installation. If you experience numerous (literally dozens and dozens) of hunk failed messages this applies to you.
To correct this problem go to your phpBB root directory, copy the fix_files.sh to this location, chmod u+x fix_files.sh and type ./fix_files.sh *. This will strip windows style carriage returns present in the 2.0.3 source. Please note that binary files will be "fixed" too if they are within directories other than those named files or images. Please move such directories out of the phpBB root path (temporarily) before running this fix.
What has changed in this release?
A comprehensive changelog is included with all archives. This edition is centred on fixing a number of potential security issues.
As with 2.0.5 and 2.0.6 the visual confirmation and the template caching Mods are included in the contrib directory.
Note to all users using 2.0.6a to 2.0.6d
If you followed all security updates and announcements regarding this (you should) here are the changes for you to make to your source files to patch two new security issues found by Gulftech Security Research:
Open viewforum.php
FIND ( Line 243 )
Code: Select all
$topic_days = ( !empty($HTTP_POST_VARS['topicdays']) ) ? $HTTP_POST_VARS['topicdays'] : $HTTP_GET_VARS['topicdays'];
Code: Select all
$topic_days = ( !empty($HTTP_POST_VARS['topicdays']) ) ? intval($HTTP_POST_VARS['topicdays']) : intval($HTTP_GET_VARS['topicdays']);
FIND ( Line 317 )
Code: Select all
$post_days = ( !empty($HTTP_POST_VARS['postdays']) ) ? $HTTP_POST_VARS['postdays'] : $HTTP_GET_VARS['postdays'];
Code: Select all
$post_days = ( !empty($HTTP_POST_VARS['postdays']) ) ? intval($HTTP_POST_VARS['postdays']) : intval($HTTP_GET_VARS['postdays']);