I updated our forums to the latest full release today. It fixes several PHP 4.13 bugs and a host of other smaller issues. As always let us know if you expierence anything strange and I'll take a look into it.
Changes:
- Prevented full path display on critical messages
- Fixed full path disclosure in username handling caused by a PHP 4.3.10 bug
- Added exclude list to unsetting globals (if register_globals is on)
- Fixed arbitrary file disclosure vulnerability in avatar handling functions
- Fixed arbitrary file unlink vulnerability in avatar handling functions
- Removed version number from powered by line
- Fixed path disclosure bug in search.php caused by a PHP 4.3.10 bug
- Fixed path disclosure bug in viewtopic.php caused by a PHP 4.3.10 bug