Build #7,341

Plan branch:
Tests pending pull requests

Build: #7341 failed Manual run by Build Robot

Code commits

phpBB Ascraeus

  • Marc

    Marc 65aaef1f83920fc25266fbea5608427bb930f329

    Merge branch 'prep-release-3.1.11' into 3.1.x

  • Marc

    Marc 149375253685b3a38996f63015a74b7a0f53aa14 m

    [prep-release-3.1.11] Add migration for 3.1.11

    • phpBB/phpbb/db/migration/data/v31x/v3111.php (version 149375253685b3a38996f63015a74b7a0f53aa14)
  • Marc

    Marc 3df3cb87c5066b6913619c18f8f612677c3e6ec4 m

    [prep-release-3.1.11] Update version numbers to 3.1.11

    • build/build.xml (version 3df3cb87c5066b6913619c18f8f612677c3e6ec4)
    • phpBB/includes/constants.php (version 3df3cb87c5066b6913619c18f8f612677c3e6ec4)
    • phpBB/install/schemas/schema_data.sql (version 3df3cb87c5066b6913619c18f8f612677c3e6ec4)
  • Marc

    Marc 0b405a2cdc108a42a3d1d49218b733a76f6c2237 m

    Merge pull request #38 from phpbb/ticket/security/210
    [ticket/security/210] Prevent using IP addresses or ports for remote avatar

  • Marc

    Marc 4ed45c4e1276335ff6581a4db58b0173c9905528 m

    Merge pull request #32 from phpbb/ticket/security-203
    [ticket/security-203] Fully validate version check data in version helper

  • Marc

    Marc c99820eb6b13e928fdc2138840e0ec77cd4fe6c9 m

    Merge pull request #29 from phpbb/ticket/security-181
    [ticket/security-181] Harden protection of migrations files and other directories

  • Marc

    Marc 0ec5e2197908d69bfa18a0e257131e967cd96ec4 m

    Merge pull request #37 from phpbb/ticket/security/208
    [ticket/security/208] Add form key to password reset form

  • Marc

    Marc c1d835b6b4a8d1cc987842725e3442b627f81796 m

    Merge pull request #36 from phpbb/ticket/security/124
    [ticket/security/124] Filter out disallowed search query items

  • Marc

    Marc fa631947f15754a50379598d83cb237bbfac2cca m

    [ticket/security/210] Adjust regex and add tests for IPv6
    SECURITY-210

    • phpBB/phpbb/avatar/driver/remote.php (version fa631947f15754a50379598d83cb237bbfac2cca)
    • phpBB/phpbb/avatar/driver/upload.php (version fa631947f15754a50379598d83cb237bbfac2cca)
    • tests/avatar/manager_test.php (version fa631947f15754a50379598d83cb237bbfac2cca)
  • Marc

    Marc a281d526dc6cf48011c1d9e04399848f7c0c08c2 m

    [ticket/security/210] Prevent using IP addresses or ports for remote avatar
    SECURITY-210

    • phpBB/phpbb/avatar/driver/remote.php (version a281d526dc6cf48011c1d9e04399848f7c0c08c2)
    • phpBB/phpbb/avatar/driver/upload.php (version a281d526dc6cf48011c1d9e04399848f7c0c08c2)
    • tests/avatar/manager_test.php (version a281d526dc6cf48011c1d9e04399848f7c0c08c2)
  • Marc

    Marc 41df4d3c4c2d387a5382c132219115891d78ed60 m

    [ticket/security/208] Add form key to password reset form
    SECURITY-208

    • phpBB/includes/ucp/ucp_remind.php (version 41df4d3c4c2d387a5382c132219115891d78ed60)
  • Marc

    Marc 4303ae9ae6910d848af92a50bf51c4e43accae73 m

    [ticket/security/124] Filter out disallowed search query items
    SECURITY-124

    • phpBB/phpbb/search/fulltext_mysql.php (version 4303ae9ae6910d848af92a50bf51c4e43accae73)
  • Marc

    Marc 1dea4625d0f958787c6357bef84a6d7a5453fe5f m

    [ticket/security-181] Update wording in INSTALL.html
    SECURITY-181

    • phpBB/docs/INSTALL.html (version 1dea4625d0f958787c6357bef84a6d7a5453fe5f)
  • Marc

    Marc 90a77ba9d3e97718e9da7d1ee95ece4e756d26b7 m

    [ticket/security-203] Allow more characters for branch names
    SECURITY-203

    • phpBB/phpbb/version_helper.php (version 90a77ba9d3e97718e9da7d1ee95ece4e756d26b7)
  • Marc

    Marc ad251e4590744b0927019ae935c92c7101aa7678 m

    [ticket/security-203] Do not add null values to versions info
    Also stopped using reference for validate_versions() method argument.

    SECURTIY-203

    • phpBB/phpbb/version_helper.php (version ad251e4590744b0927019ae935c92c7101aa7678)
    • tests/version/version_helper_remote_test.php (version ad251e4590744b0927019ae935c92c7101aa7678)
  • Marc

    Marc 658820654f5789a786a5537c1b43991744b83d2c m

    [ticket/security-203] Fully validate version check data in version helper
    This will also take care of SECURITY-204 as it's the same underlying issue.
    Admins still need to ensure they don't visit malicious sites for URLs
    provided by extensions.

    SECURITY-203

    • phpBB/includes/functions.php (version 658820654f5789a786a5537c1b43991744b83d2c)
    • phpBB/language/en/acp/common.php (version 658820654f5789a786a5537c1b43991744b83d2c)
    • phpBB/phpbb/version_helper.php (version 658820654f5789a786a5537c1b43991744b83d2c)
    • tests/version/version_helper_remote_test.php (version 658820654f5789a786a5537c1b43991744b83d2c)
  • Marc

    Marc 44dd1ef9842c83f7ba4a37bf4a17489d5fe73991 m

    [ticket/security-181] Update INSTALL.html to ask for more secure apache config
    SECURITY-181

    • phpBB/docs/INSTALL.html (version 44dd1ef9842c83f7ba4a37bf4a17489d5fe73991)
    • phpBB/docs/assets/css/stylesheet.css (version 44dd1ef9842c83f7ba4a37bf4a17489d5fe73991)
  • Marc

    Marc 7ba9b06881ddd70bd3b10e2785b91908e851cdaa m

    [ticket/security-181] Port .htaccess changes to other webserver types
    SECURITY-181

    • phpBB/docs/lighttpd.sample.conf (version 7ba9b06881ddd70bd3b10e2785b91908e851cdaa)
    • phpBB/docs/nginx.sample.conf (version 7ba9b06881ddd70bd3b10e2785b91908e851cdaa)
    • phpBB/web.config (version 7ba9b06881ddd70bd3b10e2785b91908e851cdaa)
  • Marc

    Marc 61683f895cff778d722175a8e5ddd2a5facbc42f m

    [ticket/security-181] Deny access to migrations folders
    SECURITY-181

    • phpBB/phpbb/db/migration/data/v30x/.htaccess (version 61683f895cff778d722175a8e5ddd2a5facbc42f)
    • phpBB/phpbb/db/migration/data/v310/.htaccess (version 61683f895cff778d722175a8e5ddd2a5facbc42f)
    • phpBB/phpbb/db/migration/data/v31x/.htaccess (version 61683f895cff778d722175a8e5ddd2a5facbc42f)