Version updated to cover file access security added for all admin files and a few minor bug fixes, with 2.7 i have released a patch for PHP-Nuke 7.6.
To clarify a doubt some users have expressed in the past, these patches are not meant to be used for upgrading your current PHP-Nuke version as not all files are included, you should download the patch for your version of Nuke only.
Download links available in one of the top center blocks of this website.
Related
Re: PHP-Nuke Patched 2.7 (Score: 1) |  | Thanks Chatserv for the glue that binds it all together! |
Re: PHP-Nuke Patched 2.7 (Score: 1) | | When Chat updates the pacthed versions, does he go back to versions such as 6.9 and update? |
| Re: PHP-Nuke Patched 2.7 (Score: 1) by Raven (raven (_AT_) ravenphpscripts (_DOT_) com) on Thursday, November 25, 2004 @ 07:16:07 CST (User Info | Send a Message) | |
Yes, if they apply. |
Re: PHP-Nuke Patched 2.7 (Score: 1) | | Were all the recent security updates posted on this site included in this patched version? Also is 7.6 now secure to use because we need to load a fresh version and are not sure what to go with. |
| Re: PHP-Nuke Patched 2.7 (Score: 1) by Raven (raven (_AT_) ravenphpscripts (_DOT_) com) on Monday, November 29, 2004 @ 16:53:03 CST (User Info | Send a Message) | |
v7.6 has been patched to v2.6. |
| Re: PHP-Nuke Patched 2.7 (Score: 1) by mattcampbell on Monday, November 29, 2004 @ 17:41:01 CST (User Info | Send a Message) | |
Raven, I think you misunderstood. I was asking whether all the recent security updates posted on this site have been included in the 2.7 patch? AND COULD YOU ALSO PROVIDE FEEDBACK ON THE FOLLOWING: Is PHP-NUke 7.6 with 2.7 patch now secure to use? I need to load a fresh version and are not sure which one to go with. Thanks, Matt |
| Re: PHP-Nuke Patched 2.7 (Score: 1) by chatserv on Monday, November 29, 2004 @ 18:22:01 CST (User Info | Send a Message) http://www.scriptheaven.net | |
Ok i think i should be the one to reply here since i make the patch, please allow me to explain this as best as humanly possible. Let's us start with the premise that NO CMS is 100% secure, if it can be accessed through the net it is vulnerable in one way or the other, as perfectly coded as X or Y CMS might be it only requires a minor mistake on the end-user's part (i.e. incorrect chmod permissions, using easy to guess passwords, etc...) to make it prone to any of multiple attacks. Now let's go to the patch, it too is not 100% secure, look at it like a antivirus program, it can catch anything that has been developed to tamper and/or damage your system but new definitions come out for them for the simple reason that new attacks are deviced regularly and coders can overlook a particular detail that at simple view seems harmless enough. Nuke Patched was originally developed with Nuke's old admin structure in mind and had been secured to fend off every known attack in existance at the time of development, new versions have been released, look at them as new definitions, new attacks are discovered and an attempt is made to protect Nuke against them. Now Nuke 7.5 and 7.6 incorporate a modular admin system, it alters the pattern, sure, but what had been done in the original patches got carried over so the basics are covered, as for the possibility of the files being located elsewhere causing said files to be vulnerable, code has been added to help avoid that happening. Maybe you or many others will say he could have just answered with the following line and spare us all that rambling, but no, i felt i had to cover those points, with that said: Is Nuke 7.6 along with Nuke Patched 2.7 safe to use? Yes, as safe as using previous versions of both products in conjunction. Hope this has been of any help. |
| Re: PHP-Nuke Patched 2.7 (Score: 1) by mattcampbell on Monday, November 29, 2004 @ 19:18:26 CST (User Info | Send a Message) | |
Chatserv, Thanks for your reply. I think we will go with 7.6 then and ensure we always update with your patches. Also I have been trying to get an answer to the following question and you're probably the best person to answer this: Do you provide fixes for just general (ie non-security) bugs that are reported on sites like ravenphpscipts and your own sites? If so are these included in the patches (like 2.7)? Its just that there have been a number of bugs reported for 7.6 on this website in particular which I would have hoped are included in one easily installed patch. Is this the case? Raven has stated that you watch these forums for bug reports but not whether you included them in your patches. Thanks, Matt |
| Re: PHP-Nuke Patched 2.7 (Score: 1) by chatserv on Monday, November 29, 2004 @ 19:38:25 CST (User Info | Send a Message) http://www.scriptheaven.net | |
Yes, i keep an eye out for all reports made to Nuke related sites as well as the so called security sites, if a fix is provided by anyone i add it if it does in fact solve the issue, else a fix is issued so if the bug has reached me it most likely has been taken care of. |
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
