PunBB Changelog

New in version 1.3.4

May 21st, 2009
  • The main change since 1.3.3 is the fix of the possible XSS vulnerability in profile.php on password and e-mail change (reported by Richard Sammet). As usual, the hotfix for older versions is released as well, which resolves the same security issue.

New in version 1.3.3 (April 17th, 2009)

  • a lot of bugs fixed (CSS & markup, defects in language files, correct response header placement upon errors, hook rearrangements, parsing posts in feeds, correct language pack detection during the final stage of the install process;
  • contains fixes of security flaws (which were fixed by hotfixes in previous versions);
  • it is now possible to limit searches to topic subjects or message bodies;
  • users are not allowed to change their e-mails without entering their passwords first.