[34157] in bugtraq
Re: YabbSE (3 on 1)
daemon@ATHENA.MIT.EDU (David)
Wed Mar 17 14:56:37 2004
Date: 17 Mar 2004 17:25:36 -0000
Message-ID: <20040317172536.10026.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: David <david@simplemachines.org>
To: bugtraq@securityfocus.com
In-Reply-To: <001701c3ff72$1270c1c0$461e5a0a@desanet69>
Hi,
Developers were never contacted regarding this vulnerability.
Currently the solution would be for users to upgrade to SMF version
1.0 Public Beta 4. YaBB SE development has ended and a fix will not be
released. We consider SMF a logical upgrade path and the vulnerability
is not reproducible in it. While SMF is technically beta software it is
considered very stable in terms of how beta software goes.
David Recordon
Project Manager
Simple Machines
david@simplemachines.org
http://www.simplemachines.org
