Bug 11818

Summary: Forum security update required - phpbb 3.0.8 -> 3.0.12
Product: Websites Reporter: Florian Hubold <doktor5000>
Component: forums.mageia.orgAssignee: Forums Team <forums-bugs>
Status: RESOLVED FIXED QA Contact:
Severity: critical    
Priority: High CC: doktor5000, maat-ml, sysadmin-bugs
Version: trunk   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: CVE:
Status comment:

Description Florian Hubold 2013-11-29 17:15:13 CET 
Hi all,

currently we're lagging 4 minor versions behind. Who will fix this security issue?
Comment 1 Maat 2013-11-30 14:21:23 CET 
Hi,

To complete and precise the situation : in git we are only laggin one minor version 3.0.11 / 3.0.12

The 3.0.11 has been committed and pushed already (early june 2012 :-/)

We are still waiting for a pre-production environment to test 3.0.8 -> 3.0.11 upgrade on real data in near production conditions to make sure we will not break everything with this update.

I'm going to add 3.0.11 -> 3.0.12 patchset in git but without a little bit of sysadmin magic we will stay with 3.0.8 in production

-> Once we have the mean to test properly we will then be able to test 3.0.12 straight away (no need to test 3.0.11 then 3.0.12)

Stay tuned

Status: NEW => ASSIGNED
CC: (none) => maat-ml

Comment 2 Maat 2013-11-30 16:06:43 CET 
3.0.12 is pushed and we are testing for regressions...

(Thanks to Colin for his great help)

ST
Comment 3 Maat 2013-12-02 22:10:56 CET 
3.0.12 pushed in production for both /en and /de forums

Hope there will not be unplotted regressions...

Enjoy

(thanks x2 to Colin ^^)
Comment 4 Florian Hubold 2013-12-02 22:22:27 CET 
Thanks bunches to colin and maat \o/

:)

Status: ASSIGNED => RESOLVED
CC: (none) => doktor5000
Resolution: (none) => FIXED