Re: YabbSE (3 on 1)

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: YabbSE (3 on 1)
From: David <david@xxxxxxxxxxxxxxxxxx>
Date: 17 Mar 2004 17:25:36 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

In-Reply-To: <001701c3ff72$1270c1c0$461e5a0a@desanet69>

Hi,
Developers were never contacted regarding this vulnerability.

Currently the solution would be for users to upgrade to SMF version 
1.0 Public Beta 4.  YaBB SE development has ended and a fix will not be 
released.  We consider SMF a logical upgrade path and the vulnerability 
is not reproducible in it.  While SMF is technically beta software it is 
considered very stable in terms of how beta software goes.

David Recordon
Project Manager
Simple Machines
david@xxxxxxxxxxxxxxxxxx
http://www.simplemachines.org

Prev by Date: SUSE Security Announcement: openssl (SuSE-SA:2004:007)
Next by Date: MDKSA-2004:023 - Updated openssl packages fix multiple vulnerabilities
Previous by thread: YabbSE (3 on 1)
Next by thread: [SECURITY] [DSA 452-1] New libapache-mod-python packages fix denial of service
Index(es):
- Date
- Thread