Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


WHMCS 5.3.6 & 5.2.17 - Security Advisory TSR-2014-0002 (Security Updates)
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

WHMCS 5.3.6 & 5.2.17 - Security Advisory TSR-2014-0002 (Security Updates)

jmginerjmginer Member, Patron Provider

An update for WHMCS as just released to address various security vulnerabilities and it is recommended that you update as soon as possible.

http://blog.whmcs.com/?t=87326

==

Incremental patches can be downloaded by following the links below.

These patch sets contain only the files that have changed between the previous release and this update. The previous release version that these patch sets are designed for is clearly indicated as the first and smaller number.

5.3.5 --> 5.3.6 http://go.whmcs.com/378/v535_incremental_to_v536_patch
MD5 Checksum: 42dd3cd44e1fc9308e9b7ecb0a3b956d

5.2.16 --> 5.2.17 http://go.whmcs.com/374/v5216_incremental_to_v5217_patch
MD5 Checksum: 542b2eb940066317d3190e2cf9986ee0



Need a patch for an older version? Visit our downloads page: http://download.whmcs.com/



To apply a patch set release, download the files as indicated above. Then follow the upgrade instructions for a "Patch Set" which can be found at http://docs.whmcs.com/Upgrading#For_a_Patch_Set





Full Release - What is a Full Release?



A full release distribution contains all the files of a WHMCS product installation. It can be used to both perform a new installation or update an existing one (regardless of previous version).

5.3.6 Full Version - Download Now http://download.whmcs.com/
MD5 Checksum: 4a136a87e2c360350daa2cf7d8b7a048



To apply a full release, download the release from the URL above. Then follow the upgrade instructions for a "Full Release Version" which can be found at http://docs.whmcs.com/Upgrading#For_a_Full_Release_Version





Security Issue Information



The security changes in these releases address 11 privately reported issues through our security bounty program, and 1 issue discovered internally by the WHMCS Development Team. The issues addressed are rated as having Moderate to Trivial security impact.



Once sufficient time has passed to allow WHMCS customers to update their installed software, WHMCS will release additional information regarding the nature of the security issues.





Maintenance Issue Information



This release also provides resolution for a number of maintenance issues. For full details please refer to the change logs for each respective version:



All published and supported versions of WHMCS prior to 5.3.6 are affected by one or more of these maintenance and security issues.

Comments

  • WorldWorld Veteran

    WHMCS...Ah..

  • BlazeMuisBlazeMuis Member
    edited March 2014

    I've updated like 30 minutes ago, But for some reason I'm now getting a popup that there is an update available for 5.3.6 -.- " (I'm running 5.2.17)

  • Disclosure. The following message is sarcastic.

    <3 WHMCS. It features amazing security and willingness to help with anything you're having problems with! :)

  • mikegmikeg Member

    joodle said: I've updated like 30 minutes ago, But for some reason I'm now getting a popup that there is an update available for 5.3.6 -.- " (I'm running 5.2.17)

    That will continue to pop-up until you select "Do not show again until new updates are available"

  • GIANT_CRABGIANT_CRAB Member
    edited March 2014

    They should consider making an auto updater for fuck sake. (Maybe a perl script thingy to update all that shit.)

  • IceCreamIceCream Member
    edited March 2014

    Oh god WHMCS. This shitty and unsecur... eh I mean wow so secure wow much $$$ best #1
    Sad that the most hosters still use that. Aww...

    Thanked by 1Licensecart
  • Is upgrading from 5.2.16 --> 5.2.17 the same as upgrading from 5.3.5 --> 5.3.6 ??

  • @PremiumN said:
    Is upgrading from 5.2.16 --> 5.2.17 the same as upgrading from 5.3.5 --> 5.3.6 ??

    As far as the security updates are concerned, yes.

  • jmginerjmginer Member, Patron Provider
    edited March 2014

    After the upgrade, the "Login as Client" option, return password error, Same for anybody?

  • jmginerjmginer Member, Patron Provider
    edited March 2014

    After the upgrade, the "Login as Client" option, return password error, Same for anybody?

  • @jmginer said:
    After the upgrade, the "Login as Client" option, return password error, Same for anybody?

    Works for me.

  • NetxonsNetxons Member
    edited March 2014

    @jmginer said:
    After the upgrade, the "Login as Client" option, return password error, Same for anybody?

    >

    Works for me too.

Sign In or Register to comment.