| Author |
Message |
duck
Involved
Joined: Jul 03, 2006
Posts: 273
|
 Posted:
Fri Jun 26, 2009 12:00 am |
|
Does it only include the Fix for the found Vulnerability or does it also include Fixes for the other issues already resolved since 2.3.1 release? |
| |
|
|
|
eldorado
Involved
Joined: Sep 10, 2008
Posts: 424
Location: France,Translator
|
| Posted:
Fri Jun 26, 2009 1:09 am |
|
Yey ,new version . Good job guys.
duck, check the updated files and file compare them with ravenphpscripts.com opened on a side window, might help you  . nah I'm kidding , I don't know.  |
| |
|
 |
|
kguske
Site Admin
Joined: Jun 04, 2004
Posts: 6433
|
| Posted:
Fri Jun 26, 2009 7:36 am |
|
|
|
|
|
duck
|
| Posted:
Fri Jun 26, 2009 1:02 pm |
|
I read the announcement but it only mentions the File Upload Manager so if that is your elaborate way of saying no then why not just say NO it would have saved you some typing. However seeing as how this is a new version number I would have thought it might included some other already resolved issues too? |
| |
|
|
|
|
kguske
|
| Posted:
Fri Jun 26, 2009 1:34 pm |
|
It isn't a new version. As the announcement details, it's an upgrade / fix to address a perceived security issue.
And, as I'm sure you are aware, Raven published the process for upgrades / fixes, so I guessed that your original question was your elaborate way of restating your desire to change that process.
Finally, the table name issue that led to this whole discussion was an installation issue. I'm sure the team would be open for suggestions on how to address that beyond the simple changes to the installation routine, which I'm sure you wouldn't want to rerun on your site. |
| |
|
|
|
|
duck
|
| Posted:
Fri Jun 26, 2009 2:04 pm |
|
Well its just that it was named FixPack to me a pack implies there may be more than one fix So I though maybe there were other fixes in it too besides the one mentioned. |
| |
|
|
|
|
eldorado
|
| Posted:
Fri Jun 26, 2009 2:35 pm |
|
you can always post a pack with all the fixes the members found here  |
| |
|
|
|
|
kguske
|
| Posted:
Fri Jun 26, 2009 2:45 pm |
|
I'm not sure why you would infer changes that aren't specified in the announcement, which is pretty clear on what's included.
Again, the fix you're referring to was an installation issue. Since most sites that had that issue resolved it by renaming the tables after installation, it doesn't make sense to address that in an upgrade.
Finally, I'd prefer to discontinue this rehashed discussion so we can focus on the next release, which will include much more than a single authorization fix. |
| |
|
|
|
|
Guardian2003
Site Admin
Joined: Aug 28, 2003
Posts: 6799
Location: Ha Noi, Viet Nam
|
| Posted:
Fri Jun 26, 2009 3:02 pm |
|
@duck - How would you suggest we name these releases?
Maybe we could use;
FixPack - one fix?
FixesPack - more than one fix?
What naming convention, in your opinion, removes all doubt as to what is released? |
| |
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Fri Jun 26, 2009 3:14 pm |
|
Duck,
Seriously, you need to let up a bit. You seem to want to hammer us about everything, big/little. While this is your prerogative it is definitely (un/counter)productive. Your presence here has helped many people and you have offered up a great deal of help. At other times you seem hell bent on stirring things up and ticking people off.
If you read the announcement in the forums it clearly states
"This change prevents the unauthorized uploading of files via the file manager identified by S. Electric. When used with RavenNuke(tm), the editor is configured to allow uploads for admins
Note that "change" is singular.
Then in the Change Log it states
2009-06-23 v2.30.02 Security/Fix/Maintenance Release for RavenNuke(tm) - Minor Enhancements Possible
===================================================
0001455: [Module - nukeWYSIWYG/FCKeditor] Prevent unauthorized uploads through FCKeditor identified by S. Electric (Kguske) - resolved.
I don't really believe it needs further clarification. |
| |
|
|
|
|
Raven
|
| Posted:
Fri Jun 26, 2009 3:20 pm |
|
@eldorado: As issues are identified and verified we enter a Mantis tracking issue. We then scope it to decide if it needs to be a special fix/security release or we will just include it in the next regular release.
@duck: For future reference, FixPack simply means it is a pack of one or more fix(es). The user must read the Change Log and/or other Documentation for the details. This is pretty standard in the Community and even Industry. |
| |
|
|
|
|
montego
Site Admin
Joined: Aug 29, 2004
Posts: 9457
Location: Arizona
|
| Posted:
Fri Jun 26, 2009 4:24 pm |
|
I have also mentioned elsewhere that we are going to be looking at our release cycle internally starting with the 2.4.0 release. We know that there is a better way to do this, but we already had way too many changes to our trunk since 2.3.1 went out, that it was more risky to try and port those over to a patch release.
We just ask that you give us a little benefit of the doubt and give us time to get straight on a few things. Ok? |
_________________
Where Do YOU Stand?
HTML Newsletter::ShortLinks::Mailer::Downloads and more... |
|
|
|
|
nuken
RavenNuke(tm) Development Team
Joined: Mar 11, 2007
Posts: 2024
Location: North Carolina
|
| Posted:
Fri Jun 26, 2009 5:01 pm |
|
I think you guys are doing a fine job.... I'm just overjoyed that y'all are working on RavenNuke. Ever how you decide to release it will be fine with me....  |
_________________
Tricked Out News |
|
|
|
|
eldorado
|
| Posted:
Sat Jun 27, 2009 3:30 pm |
|
Raven, I know , thats why I said Good Job :p Don't be so paranoid , the second one was a bit sarcastic. |
| |
|
|
|
|
Raven
|
| Posted:
Sat Jun 27, 2009 3:41 pm |
|
Just the facts, plain and simple - No paranoia; no sarcasm. |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
