phpBB Group announces the release of phpBB 2.0.22. This release addresses several bugfixes and some security issues.
Language pack authors may note that one additional language variable had been added.
As with all new releases we urge you to update as soon as possible. You can of course find this download available on our downloads page. As per usual four packages are available to simplify your update.
- Full Package
Contains entire phpBB2 source and English language package - Changed Files Only
Contains only those files changed from previous versions of phpBB. Please note this archive contains changed files for each previous release - Patch Files
Contains patch compatible patches from the previous versions of phpBB. - Code Changes
Contains step-by-step instructions in MOD format for updating heavily MODified installs
Please ensure you read the INSTALL and README documents in docs/ before proceeding with installation or updates!.
It is important that you carry out both parts of the update - updating the files and running the database update script - for updates to be complete.
What has changed in this release?
The changelog (contained within this release) is as follows:
- [Fix] Check for user's existence prior to showing email form
- [Fix] New members of moderator groups should always become moderators (Bug #382)
- [Fix] Proper message when replying to non-existant topics (Bug #459)
- [Fix] Changed column type of search_array to store more ids (Bug #4058)
- [Fix] Fixed annoyance with font-size selector (Bug #4612)
- [Fix] Fix optimize line in database updater (Bug #6186)
- [Sec] Check for the avatar upload directory reinforced
- [Sec] Changes to the criteria for "bad" redirection targets - kellanved
- [Sec] Fixed a non-persistent XSS issue in private messaging
- [Sec] Fixing possible negative start parameter - SpiderZ.
- [Sec] Added session checks to various forms - kellanved