PDA

View Full Version : 5.1.6 & 5.2.3 Security updates



Andy
10-12-2010, 02:48 PM
A (face-palm worthy) vulnerability in the script has been reported and fixed. It affects all versions of AV Arcade prior to this update. It is important you update to protect your site. Only 4 files need to be uploaded so it's very easy.

To think we almost made it to AV Arcade Pro's first birthday without any security issues being found!

The update is available in the customer area as usual: http://www.avscripts.net/store/customers/

vizdo
10-12-2010, 03:01 PM
Archive is unknown format or damaged

Av Arcade 5.2.3

alonjx
10-12-2010, 03:02 PM
thx andy!!!!

Andy
10-12-2010, 03:07 PM
Reuploaded, sorry about that. Silly archive manager.

vizdo
10-12-2010, 03:10 PM
Thank you, Andy! ;)

TMGen
10-12-2010, 07:46 PM
What was this security threat based around, which files?

Andy
10-12-2010, 09:51 PM
Details in the zip, best to keep the info there I think.

Bad Wolf
10-12-2010, 11:18 PM
Details in the zip, best to keep the info there I think.

Man I cant find this update anyplace in your store Andy. Have you thought of putting in a store thats a little easier to navigate? :(

Tigerbite
10-13-2010, 12:17 AM
I agree with Bad Wolf, I always get lost in that thing! :P
Is there an actual download for just the update? Or do we have to download the entire script? Because I'm not finding the updated files anywhere.

barytone
10-13-2010, 01:03 AM
Me neither! Where is that update file?

Marl
10-13-2010, 08:43 AM
I see no problem downloading the zip file on customer area and re-uploading the updated files. All smooth here.

ipodman
10-13-2010, 09:13 AM
Thanks Andy for a quick update!

Its actually rather easy to download the files [Once youve found out how, and remembered!)

Post made to the world on AA :-)

santiagorooks
10-13-2010, 12:36 PM
I cant find it either. Where exactly is it located?

Andy
10-13-2010, 12:50 PM
When there's an update, I just update the main download. To maintain a ton of zip files for upgrading each version would be a chore.

Downloads are in the customer area. Click 'packages' followed by 'Downloads' next to your license.

Bad Wolf
10-13-2010, 02:23 PM
When there's an update, I just update the main download. To maintain a ton of zip files for upgrading each version would be a chore.

Downloads are in the customer area. Click 'packages' followed by 'Downloads' next to your license.

Ah ha! Thanx bro, found it now.

Tigerbite
10-13-2010, 04:19 PM
At work and haven't had a chance to download the newest zip. I'm guessing there's a readme or install file that tells you which files to upload? Looking for a confirmation! Or I can just find out when I get home :)

LuisAlberto
10-14-2010, 09:27 AM
Thanks Andy :)

guinatal
10-14-2010, 08:18 PM
very easy to upload! thanks!

iMage
10-15-2010, 07:00 PM
thanks for this update Andy.. easily implimented

espaljuegos
10-18-2010, 04:28 AM
In the Admin control panel, I have this advice:

You are running AV Arcade Pro 5.2.2

Is that normal? I've install the full recenlty downloaded package, with all the files...

barytone
10-18-2010, 03:21 PM
Looks like not! :P Just re-upload admin/pages/home.php

espaljuegos
10-18-2010, 05:25 PM
Thanks guy, now I've downloaded it and I can see the files to be changed ;)
Cheers!

luan7749
10-20-2010, 02:32 PM
Thank bro, but what about 5.3 Beta in customer area ?

Andy
10-20-2010, 02:36 PM
It's not fixed yet but the beta isn't for use on public sites.

luan7749
10-20-2010, 02:37 PM
I edited some file in 5.2.2 version. I don't want to change they again. Please tell me which files need update ? ( 4 file need uploaded )

barytone
10-20-2010, 10:21 PM
Check the updated files document in the 5.2 package in the customer area, it's written which files to update :)

neonice
10-25-2010, 09:51 AM
thanks andy!

salvador
10-25-2010, 06:29 PM
hi,

some time back i downloaded the updated and looked into the changed files. i could no easily see the changes done.

i think i would be best, if the risks/reason itself would have been described, either here or in the archive. as some of us use heavily changed versions it is not that clear, *where* the problem is/was to check/fix the own version.

regards,
thomas.

Andy
10-25-2010, 06:56 PM
Well the changes to those files are actually right at the top. A couple of lines have been added.

sourcez
11-12-2010, 09:39 AM
Thanks!

Is there any kind of mailing list we can sign up to for service updates etc? Or is it only through checking the admin panel?