Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: serialize problem in bridge file (phpbb) related to security issue with php  (Read 3684 times)

0 Members and 1 Guest are viewing this topic.

Joe Belmaati

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Posts: 65
    • http://www.belmaati.com
serialize problem in bridge file (phpbb) related to security issue with php
« on: December 23, 2004, 02:45:21 am »
The security flaw in php <4.3.10 has caused me to add a fix to my phpbb per this hack:

http://phpbbstyles.com/viewtopic.php?t=1904

Supposedly it fixes the known seciurity problems with php<4.3.10 but it also breaks the bridge file. Is there a fix around for this...?

Sincerely, and thank you very much!
Joe Belmaati
Copenhagen Denmark
Logged

Nibbler

  • Guest
Re: serialize problem in bridge file (phpbb) related to security issue with php
« Reply #1 on: December 23, 2004, 01:22:33 pm »
By the looks of it you can do the same with the bridge file, add the array
_unserialize function and change the call to unserialize to array_unserialize.
Logged

Joe Belmaati

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Posts: 65
    • http://www.belmaati.com
Re: serialize problem in bridge file (phpbb) related to security issue with php
« Reply #2 on: December 23, 2004, 02:46:36 pm »
Where would I add the function - in the bridge file right before the unserialize?
Logged

Nibbler

  • Guest
Re: serialize problem in bridge file (phpbb) related to security issue with php
« Reply #3 on: December 23, 2004, 02:51:01 pm »
Add it just before function udb_authenticate()
Logged
Pages: [1]   Go Up
« previous next »
 

Page created in 0.014 seconds with 15 queries.