Discuss: phpBB 3.3.11 Release

Do not post support requests, bug reports or feature requests. Discuss phpBB here. Non-phpBB related discussion goes in General Discussion!
Scam Warning
indy_gopher
Registered User
Posts: 11
Joined: Thu Sep 22, 2016 3:13 pm

Re: Discuss: phpBB 3.3.11 Release

Post by indy_gopher »

Using the recommended procedure for updating, this update was reported as "database only". Can someone confirm that this is a database-only update?
Paul
Infrastructure Team Leader
Infrastructure Team Leader
Posts: 28857
Joined: Sat Dec 04, 2004 3:44 pm
Location: The netherlands.
Name: Paul Sohier

Re: Discuss: phpBB 3.3.11 Release

Post by Paul »

What recommended method did you use? Replacing all files? If not, no, it is definitely not a database only update, please post in support with the steps you followed, so we can provide instructions on how to properly finish the update.
User avatar
Tommy Herrmann
Registered User
Posts: 30
Joined: Sat May 01, 2021 2:17 am
Location: Berlin - Germany

Re: Discuss: phpBB 3.3.11 Release

Post by Tommy Herrmann »

Hello,

thank you very much for this update. I have PHP 8.2.11 on the server.

I had this Ajax error too...

... other than this everything worked out perfectly.
User avatar
halil16
Registered User
Posts: 1430
Joined: Fri Jul 24, 2020 11:30 pm
Location: Turkiye
Name: Halil

Re: Discuss: phpBB 3.3.11 Release

Post by halil16 »

Isn't something like "Database update only..." normal? We've already changed the files, doesn't it say that because what's left is the database? I was always seeing him.
Buy me a coffee
Hire me for your phpBB board.
Introducing Mobile Upgrade! Make your phpBB board like an app!
O BeldeThatTowns*for sale*new price
"The day we'll need ideas more than possessions, we'll find the secret to true wealth." - Peyami Safa /peˈjɑːmi saˈfɑː/
User avatar
stevemaury
Support Team Member
Support Team Member
Posts: 52790
Joined: Thu Nov 02, 2006 12:21 am
Location: The U.P.
Name: Steve

Re: Discuss: phpBB 3.3.11 Release

Post by stevemaury »

halil16 wrote: Tue Oct 31, 2023 4:02 am Isn't something like "Database update only..." normal? We've already changed the files, doesn't it say that because what's left is the database? I was always seeing him.
Yes, if you use the file replacement method.
I can stop all your spam. I can upgrade or update your Board. PM or email me. (Paid support)
User avatar
Sniper_E
Registered User
Posts: 1196
Joined: Wed May 09, 2007 12:18 am
Location: Shreveport, Louisiana
Name: Ed Humphrey

Re: Discuss: phpBB 3.3.11 Release

Post by Sniper_E »

Since phpbb moved from mods to extensions I have used the 'Advanced Update' method. I would recommend this method to everyone.
The phpBB-3.3.10_to_3.3.11.zip package update went as smoothly as all my other past updates.
Never any problems or issues. Not to mention the hash issue this time round, because that was no big deal.

None of my core files are modified so after uploading the downloaded updated core files then the database is updated and done.
Then for the styles I download the updated prosilver and replaced all the files, unmodified also.
And on any custom styles I have, like mine, I manually edited the style changes listed for the new version.

Thanks for the packages guys, you make updating effortless.
Image . -.. / .... ..- -- .--. .... .-. . -.--
No is NEVER an Option and NEVER is the only Option when it comes to Giving Up!

:!: Sniper_E Styles | phpbbmodders :!:
User avatar
warmweer
Jr. Extension Validator
Posts: 11767
Joined: Fri Jul 04, 2003 6:34 am
Location: Van Allen Bel ... gium

Re: Discuss: phpBB 3.3.11 Release

Post by warmweer »

Sniper_E wrote: Tue Oct 31, 2023 10:10 pm Since phpbb moved from mods to extensions I have used the 'Advanced Update' method. I would recommend this method to everyone.
This isn't what you describe in the following
Sniper_E wrote: Tue Oct 31, 2023 10:10 pm None of my core files are modified so after uploading the downloaded updated core files then the database is updated and done.
Then for the styles I download the updated prosilver and replaced all the files, unmodified also.
And on any custom styles I have, like mine, I manually edited the style changes listed for the new version.
This sounds as though you're using the Changed Files package rather than the Advanced Update method.
Spelling is freeware, which means you can use it for free.
On the other hand, it is not open source, which means you cannot change it or publish it in a modified form.


Time flies like an arrow, but fruit flies like a banana.
User avatar
Sniper_E
Registered User
Posts: 1196
Joined: Wed May 09, 2007 12:18 am
Location: Shreveport, Louisiana
Name: Ed Humphrey

Re: Discuss: phpBB 3.3.11 Release

Post by Sniper_E »

This is the method I described above that I have been using. https://www.phpbb.com/downloads/3.3/adv ... ion=3.3.10

As per the instructions you download and extract those files and upload them to your server.
Then you go to the /install directory and select update.
It checks the difference in the core files and gives you a download of all the changed files it found.
You download those changed files and upload them to your server.
It then checks the files again and moves on to updating the database.
And when complete all you have to do is update the changes in the style files.

This is exactly what I described in my post above. How could you possibly get confused on what I posted?
Image . -.. / .... ..- -- .--. .... .-. . -.--
No is NEVER an Option and NEVER is the only Option when it comes to Giving Up!

:!: Sniper_E Styles | phpbbmodders :!:
User avatar
warmweer
Jr. Extension Validator
Posts: 11767
Joined: Fri Jul 04, 2003 6:34 am
Location: Van Allen Bel ... gium

Re: Discuss: phpBB 3.3.11 Release

Post by warmweer »

Sniper_E wrote: Tue Oct 31, 2023 11:47 pm ...
This is exactly what I described in my post above. How could you possibly get confused on what I posted?
You did mention:
Sniper_E wrote: Tue Oct 31, 2023 10:10 pm None of my core files are modified
Which implies that the Changed Files package is all you need.
Even for the prosilver files: the styles/prosilver contains only prosilver files that were changed, so those are the only files you would need to transfer your style edits to.

It's just that what you described is not wrong as such, but you probably had edits in some 3.3.10 prosilver files which were not changed in 3.3.11 prosilver so those didn't need updating.
Spelling is freeware, which means you can use it for free.
On the other hand, it is not open source, which means you cannot change it or publish it in a modified form.


Time flies like an arrow, but fruit flies like a banana.
User avatar
Mick
Support Team Member
Support Team Member
Posts: 26848
Joined: Fri Aug 29, 2008 9:49 am

Re: Discuss: phpBB 3.3.11 Release

Post by Mick »

Sniper_E wrote: Tue Oct 31, 2023 10:10 pmI have used the 'Advanced Update' method. I would recommend this method to everyone.
You should be careful recommending the advanced update to everyone. Not everybody has the same skills as you and there is only limited support for modified boards as phpBB no longer supports modifications.
Advanced Update wrote: Warning: The advanced update is for expert users that have made custom edits to core files. If you have a standard installation of phpBB that only includes downloaded extensions or styles this update package is not applicable to you and SHOULD NOT be used.
  • "The more connected we get the more alone we become” - Kyle Broflovski© 🇬🇧
User avatar
Sniper_E
Registered User
Posts: 1196
Joined: Wed May 09, 2007 12:18 am
Location: Shreveport, Louisiana
Name: Ed Humphrey

Re: Discuss: phpBB 3.3.11 Release

Post by Sniper_E »

I understand now guys. I retract recommending using the Advanced Update method.
I compared the files in the Changed Files download with the Update Archive I downloaded and they are the same files. Same update results.

I'll use the Changed Files method on the next release. It looks to be a little more simple the way I update.
Thanks for the guidance warmweer and Mick toward the correct way I should be updating. You guys are correct.
Image . -.. / .... ..- -- .--. .... .-. . -.--
No is NEVER an Option and NEVER is the only Option when it comes to Giving Up!

:!: Sniper_E Styles | phpbbmodders :!:
User avatar
invenio
Registered User
Posts: 414
Joined: Wed Dec 09, 2015 1:45 pm
Location: New Hampshire, USA

Re: Discuss: phpBB 3.3.11 Release

Post by invenio »

Another flawless upgrade. Thank you to the development team.
calvi
Registered User
Posts: 3
Joined: Sun Jul 08, 2007 11:14 am

Re: Discuss: phpBB 3.3.11 Release

Post by calvi »

After doing to upgrade from 3.3.10 to 3.3.11, I ran "composer audit" with the following result:

Code: Select all

Found 1 security vulnerability advisory affecting 1 package:
+-------------------+----------------------------------------------------------------------------------+
| Package           | symfony/http-kernel                                                              |
| CVE               | CVE-2022-24894                                                                   |
| Title             | CVE-2022-24894: Prevent storing cookie headers in HttpCache                      |
| URL               | https://symfony.com/cve-2022-24894                                               |
| Affected versions | >=2.0.0,<2.1.0|>=2.1.0,<2.2.0|>=2.2.0,<2.3.0|>=2.3.0,<2.4.0|>=2.4.0,<2.5.0|>=2.5 |
|                   | .0,<2.6.0|>=2.6.0,<2.7.0|>=2.7.0,<2.8.0|>=2.8.0,<3.0.0|>=3.0.0,<3.1.0|>=3.1.0,<3 |
|                   | .2.0|>=3.2.0,<3.3.0|>=3.3.0,<3.4.0|>=3.4.0,<4.0.0|>=4.0.0,<4.1.0|>=4.1.0,<4.2.0| |
|                   | >=4.2.0,<4.3.0|>=4.3.0,<4.4.0|>=4.4.0,<4.4.50|>=5.0.0,<5.1.0|>=5.1.0,<5.2.0|>=5. |
|                   | 2.0,<5.3.0|>=5.3.0,<5.4.0|>=5.4.0,<5.4.20|>=6.0.0,<6.0.20|>=6.1.0,<6.1.12|>=6.2. |
|                   | 0,<6.2.6                                                                         |
| Reported at       | 2023-02-01T08:00:00+00:00                                                        |
+-------------------+----------------------------------------------------------------------------------+
Found 3 abandoned packages:
+---------------------------------+---------------------------------+
| Abandoned Package               | Suggested Replacement           |
+---------------------------------+---------------------------------+
| symfony/debug                   | symfony/error-handler           |
| zendframework/zend-code         | laminas/laminas-code            |
| zendframework/zend-eventmanager | laminas/laminas-eventmanager    |
+---------------------------------+---------------------------------+
That security vulnerability is fixed in symfony/http-kernel 4.4, but I couldn't get the forum to work after updating all symfony components to 4.4. Is a fix for this in hand?
User avatar
GanstaZ
Registered User
Posts: 1216
Joined: Wed Oct 11, 2017 10:29 pm
Location: GZOverse

Re: Discuss: phpBB 3.3.11 Release

Post by GanstaZ »

Just updating components via composer will not solve it. You will need to modify core files to support that version.

PS. Post below answers all questions)
Last edited by GanstaZ on Sun Nov 05, 2023 12:32 am, edited 2 times in total.
Usus est magister optimus! phpBB pre-Triton & latest php environment.
When answer lies in the question, question becomes redundant!
User avatar
Marc
Development Team Leader
Development Team Leader
Posts: 5716
Joined: Tue Oct 30, 2007 10:57 pm
Location: Munich, Germany
Name: Marc

Re: Discuss: phpBB 3.3.11 Release

Post by Marc »

calvi wrote: Sat Nov 04, 2023 2:52 pm After doing to upgrade from 3.3.10 to 3.3.11, I ran "composer audit" with the following result:

Code: Select all

Found 1 security vulnerability advisory affecting 1 package:
+-------------------+----------------------------------------------------------------------------------+
| Package           | symfony/http-kernel                                                              |
| CVE               | CVE-2022-24894                                                                   |
| Title             | CVE-2022-24894: Prevent storing cookie headers in HttpCache                      |
| URL               | https://symfony.com/cve-2022-24894                                               |
| Affected versions | >=2.0.0,<2.1.0|>=2.1.0,<2.2.0|>=2.2.0,<2.3.0|>=2.3.0,<2.4.0|>=2.4.0,<2.5.0|>=2.5 |
|                   | .0,<2.6.0|>=2.6.0,<2.7.0|>=2.7.0,<2.8.0|>=2.8.0,<3.0.0|>=3.0.0,<3.1.0|>=3.1.0,<3 |
|                   | .2.0|>=3.2.0,<3.3.0|>=3.3.0,<3.4.0|>=3.4.0,<4.0.0|>=4.0.0,<4.1.0|>=4.1.0,<4.2.0| |
|                   | >=4.2.0,<4.3.0|>=4.3.0,<4.4.0|>=4.4.0,<4.4.50|>=5.0.0,<5.1.0|>=5.1.0,<5.2.0|>=5. |
|                   | 2.0,<5.3.0|>=5.3.0,<5.4.0|>=5.4.0,<5.4.20|>=6.0.0,<6.0.20|>=6.1.0,<6.1.12|>=6.2. |
|                   | 0,<6.2.6                                                                         |
| Reported at       | 2023-02-01T08:00:00+00:00                                                        |
+-------------------+----------------------------------------------------------------------------------+
Found 3 abandoned packages:
+---------------------------------+---------------------------------+
| Abandoned Package               | Suggested Replacement           |
+---------------------------------+---------------------------------+
| symfony/debug                   | symfony/error-handler           |
| zendframework/zend-code         | laminas/laminas-code            |
| zendframework/zend-eventmanager | laminas/laminas-eventmanager    |
+---------------------------------+---------------------------------+
That security vulnerability is fixed in symfony/http-kernel 4.4, but I couldn't get the forum to work after updating all symfony components to 4.4. Is a fix for this in hand?
phpBB does not use the code that is affected by this issue and hence is also not affected by the mentioned issue. The target version for the next major release of phpBB will be Symfony 6.4.

Return to “phpBB Discussion”