diff options
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/docs/CHANGELOG.html | 8 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_database.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/mcp/mcp_reports.php | 1 | ||||
| -rw-r--r-- | phpBB/language/en/migrator.php | 7 | ||||
| -rw-r--r-- | phpBB/phpbb/db/migration/data/v30x/release_3_0_14.php | 37 | ||||
| -rw-r--r-- | phpBB/phpbb/db/migration/data/v31x/v314.php | 32 |
6 files changed, 86 insertions, 0 deletions
diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 0e6a963f98..88df39a6d5 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -113,6 +113,10 @@ <a name="v313"></a><h3>Changes since 3.1.3</h3> + <h4>Security</h4> + <ul> + <li>[SECURITY-180] - An insufficient check allowed users of the Google Chrome browser to be redirected to external domains (e.g. on login)</li> + </ul> <h4>Bug</h4> <ul> <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-8050">PHPBB3-8050</a>] - Avatar & Long PM recipients list break out of template</li> @@ -2331,6 +2335,10 @@ <a name="v3013-PL1"></a><h3>Changes since 3.0.13-PL1</h3> +<h4>Security</h4> +<ul> +<li>[SECURITY-180] - An insufficient check allowed users of the Google Chrome browser to be redirected to external domains (e.g. on login)</li> +</ul> <h4>Bug</h4> <ul> <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13348">PHPBB3-13348</a>] - sql_freeresult() should be called in feed base class</li> diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php index 0c52f82459..c5aebf011d 100644 --- a/phpBB/includes/acp/acp_database.php +++ b/phpBB/includes/acp/acp_database.php @@ -1173,6 +1173,7 @@ class postgres_extractor extends base_extractor $this->flush($sql_data . ";\n"); } } + $db->sql_freeresult($result); $sql_data = '-- Table: ' . $table_name . "\n"; $sql_data .= "DROP TABLE $table_name;\n"; diff --git a/phpBB/includes/mcp/mcp_reports.php b/phpBB/includes/mcp/mcp_reports.php index 804d48ea97..ccb54092b4 100644 --- a/phpBB/includes/mcp/mcp_reports.php +++ b/phpBB/includes/mcp/mcp_reports.php @@ -489,6 +489,7 @@ function close_report($report_id_list, $mode, $action, $pm = false) { $post_id_list[] = $row[$id_column]; } + $db->sql_freeresult($result); $post_id_list = array_unique($post_id_list); if ($pm) diff --git a/phpBB/language/en/migrator.php b/phpBB/language/en/migrator.php index f5a56816c2..244a5faadf 100644 --- a/phpBB/language/en/migrator.php +++ b/phpBB/language/en/migrator.php @@ -52,6 +52,13 @@ $lang = array_merge($lang, array( 'MIGRATION_SCHEMA_DONE' => 'Installed Schema: %1$s; Time: %2$.2f seconds', 'MIGRATION_SCHEMA_RUNNING' => 'Installing Schema: %s.', + 'MIGRATION_INVALID_DATA_MISSING_CONDITION' => 'A migration is invalid. An if statement helper is missing a condition.', + 'MIGRATION_INVALID_DATA_MISSING_STEP' => 'A migration is invalid. An if statement helper is missing a valid call to a migration step.', + 'MIGRATION_INVALID_DATA_CUSTOM_NOT_CALLABLE' => 'A migration is invalid. A custom callable function could not be called.', + 'MIGRATION_INVALID_DATA_UNKNOWN_TYPE' => 'A migration is invalid. An unknown migration tool type was encountered.', + 'MIGRATION_INVALID_DATA_UNDEFINED_TOOL' => 'A migration is invalid. An undefined migration tool was encountered.', + 'MIGRATION_INVALID_DATA_UNDEFINED_METHOD' => 'A migration is invalid. An undefined migration tool method was encountered.', + 'MODULE_ERROR' => 'An error occurred while creating a module: %s', 'MODULE_INFO_FILE_NOT_EXIST' => 'A required module info file is missing: %2$s', 'MODULE_NOT_EXIST' => 'A required module does not exist: %s', diff --git a/phpBB/phpbb/db/migration/data/v30x/release_3_0_14.php b/phpBB/phpbb/db/migration/data/v30x/release_3_0_14.php new file mode 100644 index 0000000000..51475f5a05 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v30x/release_3_0_14.php @@ -0,0 +1,37 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v30x; + +class release_3_0_14 extends \phpbb\db\migration\migration +{ + public function effectively_installed() + { + return phpbb_version_compare($this->config['version'], '3.0.14', '>=') && phpbb_version_compare($this->config['version'], '3.1.0-dev', '<'); + } + + static public function depends_on() + { + return array('\phpbb\db\migration\data\v30x\release_3_0_14_rc1'); + } + + public function update_data() + { + return array( + array('if', array( + phpbb_version_compare($this->config['version'], '3.0.14', '<'), + array('config.update', array('version', '3.0.14')), + )), + ); + } +} diff --git a/phpBB/phpbb/db/migration/data/v31x/v314.php b/phpBB/phpbb/db/migration/data/v31x/v314.php new file mode 100644 index 0000000000..b7793ca569 --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v31x/v314.php @@ -0,0 +1,32 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +namespace phpbb\db\migration\data\v31x; + +class v314 extends \phpbb\db\migration\migration +{ + static public function depends_on() + { + return array( + '\phpbb\db\migration\data\v30x\release_3_0_14', + '\phpbb\db\migration\data\v31x\v314rc2', + ); + } + + public function update_data() + { + return array( + array('config.update', array('version', '3.1.4')), + ); + } +} |