• Register
    • Help

    striker  0 Items
    Currently Supporting
    • Home
    • News
      • VaultWiki News
      • Visit the Wiki
    • Forum
    • Wiki
    • Support
    • What's New?
    • Buy Now
    • Manual
    • 
    • Home
    • VaultWiki News

    1. Welcome to VaultWiki.org, home of the wiki add-on for vBulletin and XenForo!

      VaultWiki allows your existing forum users to collaborate on creating and managing a site's content pages. VaultWiki is a fully-featured and fully-supported wiki solution for vBulletin and XenForo.

      The VaultWiki Team encourages you to join our community of forum administrators and check out VaultWiki for yourself.

    • pegasus

      VaultWiki 4.1.x and XenForo 2 Support 

      by
      pegasus
      • View Profile
      • View Forum Posts
      • View Blog Entries
      • Visit Homepage
      • View Articles
      Published on January 1, 2019 3:33 PM

      VaultWiki 4.1.x is here! As of today, Alpha 1 is available to customers with an active license. We invite you to join the public alpha and help us get 4.1.x ready for production.

      For a list of changes in this release, please see Changelog for 4.1.0 Alpha 1. If you are a style or language pack maintainer, packs designed for VaultWiki 4.0.x will need to be thoroughly updated for compatibility with VaultWiki 4.1.x.

      Below is a partial list of some of the new features in 4.1.x. These and other features may be discussed in more depth in future articles.

      XenForo 2.0.x Support

      This new version introduces support for XenForo 2.0.x environments (XenForo 2.1.x support will be added in the near future). You may install it like you would any XenForo 2 add-on. However, please do not attempt to use it with XenForo 2's command-line install or upgrade unless you are using XenForo 2.0.12 or higher; there is a bug in previous versions of XenForo which will prevent the process from completing successfully and will damage your forum.

      Feed Portal

      By request, we now include a separate forum tab which offers unified lists of the most recent collaborative and personal feed entries. This brings feed content closer to the user, making it easier to find wiki content shared in this way. It also makes it easier to use feeds as a replacement for blogs or news.

      Like Everything

      Users on XenForo forums are now able to like everything from individual edits to feed entries and everything in between. Liking a page or a feed will also give credit to a few recent contributors to that content.

      Version and Changelog Checking

      Version check results are now displayed in a persistent notice above all VaultWiki admin pages if a newer version is available. Beside the name of the new version, you will find a new link which will download a changelog for that version that has been customized for the version that you currently have installed. So the changelog only shows fixes for bugs that exist in your version, security vulnerabilities that affect your version, etc. We hope this will make it easier for customers to determine that there is a new version and to help them decide how soon they should upgrade.

      Release Notes

      VaultWiki 4.1.0 Alpha 1 is a significant update with major backend changes, new features, and is alpha software. We recommend that alpha software only be used in a test environment. During the alpha period, there may be frequent new builds, as often as daily, with which testers should try to keep up-to-date.

      VaultWiki 4.1 Preview 

      by
      pegasus
      • View Profile
      • View Forum Posts
      • View Blog Entries
      • Visit Homepage
      • View Articles
      Published on December 29, 2018 2:56 PM

      On December 23, we updated the main support site and the XenForo-based demo to run a preview of VaultWiki 4.1.0 Alpha 1. Throughout the past week, we have monitored error logs and behavior to ensure that the new version is functioning as intended.

      As of today, December 29, we have now updated the XenForo demo to XenForo 2.0, and have updated the VaultWiki preview accordingly. So starting today, you have your first chance to see VaultWiki running on a XenForo 2 forum! As before, we will be monitoring the installation for a few days to ensure that the new version is ready to ship.

      Feel free to try out the new version here or on our demo, see if you can find what's new, and report any bugs you encounter in the preview to our support area, as you normally would. Please do not post feature requests specific to the new version at this time.

      If the preview continues to go well, we expect that 4.1.0 Alpha 1 will be available to the general public for testing as soon as New Year's Eve.

      VaultWiki Security Update: October 2018 

      by
      pegasus
      • View Profile
      • View Forum Posts
      • View Blog Entries
      • Visit Homepage
      • View Articles
      Published on October 10, 2018 12:48 PM

      As of October 10, 2018, the regularly scheduled security patches for October are available.

      Issue List

      VWE-2018-4662 is a Permissions Escalation issue, where users who can disconnect children from node-types can also remove reports about those children. This issue affects VaultWiki 4.0.8 and higher, but only affects XenForo-based installations.

      VWE-2018-4666 is a Phishing issue, where it is possible to position user-generated content outside of its container by using specially-crafted custom sidebar block headings. This issue affects VaultWiki 4.0.0 RC 1 and higher, but does not affect Lite versions.

      VWE-2018-4667 is a Permissions Escalation issue, by which a user viewing a feed can view wiki content that they don't have permission to view, when that content appears within the viewed feed. This issue affects VaultWiki 4.0.0 and higher.

      VWE-2018-4670 is a Denial of Service Amplification issue, where a lack of limits on template usage may allow specially crafted wiki pages and underlying wiki templates to execute many thousands of MySQL queries on that wiki page, which may cause MySQL or PHP to become unresponsive under load. This issue affects all versions of VaultWiki running on XenForo-based installations, but does not affect Lite versions.

      VWE-2018-4671 is an On-Site Alert issue, by which an invalid key utilized by the alerts system may result in users receiving on-site alerts for modifications to watched content even though they have opted out via their Alert Preferences. This issue affects all versions of VaultWiki running on XenForo-based installations.

      VWE-2018-4673 is a GDPR-related issue, where VaultWiki's data storage and retention processes may be in conflict with the site's IP-address handling policy if the site's own processes and policies were written based on the XenForo admin options for IP pruning alone. The patch resolves the issue by making VaultWiki IP retention consistent with XenForo's IP pruning settings. The conflict exists in all versions of VaultWiki running on XenForo 1.2 and higher.

      Patches

      The following patches, issued October 8, 2018, address the aforementioned issues:
      • 4.0.24 Patch Level 1
      • 4.0.23 Patch Level 3
      • 4.0.22 Patch Level 5
      • 4.0.21 Patch Level 6
      • 4.0.20 Patch Level 9


      We recommend that all users running VaultWiki in a production environment update to a patched release.

      VaultWiki 4.0.24 

      by
      pegasus
      • View Profile
      • View Forum Posts
      • View Blog Entries
      • Visit Homepage
      • View Articles
      Published on September 7, 2018 12:14 PM

      VaultWiki 4.0.24 is available today to customers with an active license. This is primarily a maintenance release, containing about 50 bug fixes and style tweaks.

      For a list of changes in this release please see Changelog for 4.0.24. If you are a style or language pack maintainer, please check here for changes which may affect you.

      Release Notes

      The current release is 4.0.24, which should be usable on vBulletin-based and XenForo-based production sites.

      VaultWiki Security Update: August 2018 

      by
      pegasus
      • View Profile
      • View Forum Posts
      • View Blog Entries
      • Visit Homepage
      • View Articles
      Published on August 27, 2018 2:24 PM

      As of August 27, 2018, the regularly scheduled security patches for August are now available.

      Issue List

      VWE-2018-4625 is a Denial of Service Amplification issue, by which a distributed attack that posts comments to a single wiki discussion may be able to achieve denial of service, due to a flaw in the quick reply handler. Under vBulletin, the issue affects all prior versions of VaultWiki 4.x series. Under XenForo 1.x, the issue affects VaultWiki 4.0.0 Beta 7 and higher.

      VWE-2018-4626 is a Data Loss issue, where some database keys may not be successfully created. The issue affects the July 2018 patches.

      VWE-2018-4627 is a Data Loss issue, where the patches for VWE-2017-4033 do not successfully prevent accidental deletion of the wiki index or wiki areas and all contents, if not careful when using the Mass Delete function. The issue affects VaultWiki 4.0.18 and higher, but it does not affect Lite versions.

      VWE-2018-4630 is a Permissions Escalation issue, where if a user has permission to view a wiki node, that user can view an RSS feed which contains a list of its contents, even though the user does not have permission to view a list of the node's contents. The issue affects VaultWiki 4.0.0 Alpha 6 and higher.

      VWE-2018-4631 is a Data Loss issue, where when editing an existing integration, the already-injected content may not be selected. If the integration is saved without re-selecting the content, the existing integration would be removed. The issue affects VaultWiki 4.0.23 and higher, but it does not affect Lite versions.

      VWE-2018-4632 is a Permissions Escalation issue, where a fatal error after re-parenting an area may prevent area permissions from being inherited correctly. The issue affects VaultWiki 4.0.21 and higher, but it does not affect Lite versions.

      Patches

      The following patches, issued August 27, 2018, address the aforementioned issues:
      • 4.0.23 Patch Level 2
      • 4.0.22 Patch Level 4
      • 4.0.21 Patch Level 5
      • 4.0.20 Patch Level 8
      • 4.0.19 Patch Level 11*

      *A patch was issued for 4.0.19 even though it reached its end of life earlier this August, because at least one of the issues resolved by the patch was discovered prior to its end-of-life. However, we recommend that users upgrade to a more recent patched version.

      We highly recommend that all users running VaultWiki in a production environment update to a patched release.

      VaultWiki Security Update: July 2018 

      by
      pegasus
      • View Profile
      • View Forum Posts
      • View Blog Entries
      • Visit Homepage
      • View Articles
      Published on July 18, 2018 3:10 PM

      As of July 18, 2018, the regularly scheduled security patches for July are now available.

      Issue List

      VWE-2018-4610 is a Permissions Escalation issue, by which a user may be able to view link statistics for a page even though that user has no permission to view the same page. The issue affects all prior versions of VaultWiki 2.x, 3.x, and 4.x, but it does not affect Lite versions.

      VWE-2018-4614 is a Permissions Escalation issue, which could lead to Denial of Service. In some situations, disk space usage limits are not enforced. The issue affects VaultWiki 4.0.22 and higher, but it does not affect Lite versions.

      VWE-2018-4618 is a Permissions Escalation issue, by which a user can view templated content even though that user has no permission to view the template. The issue affects all prior versions of VaultWiki 2.x, 3.x, and 4.x, but it does not affect Lite versions. Note that after applying this patch, in order to view templated content, a user must have permission to view the contents of the area that contains the template.

      VWE-2018-4620 is a Legal issue, where under some versions of PHP, a user may be able to successfully upload a JPG image containing XMP metadata that is not preserved, as required by some laws, in resized versions of the image. The issue affects patches for VWE-2017-4030, and VaultWiki versions 4.0.20 and higher, but it does not affect Lite versions.

      Patches

      The following patches, issued July 18, 2018, address the aforementioned issues:
      • 4.0.23 Patch Level 1
      • 4.0.22 Patch Level 3
      • 4.0.21 Patch Level 4
      • 4.0.20 Patch Level 7
      • 4.0.19 Patch Level 10


      We highly recommend that all users running VaultWiki in a production environment update to a patched release.

      VaultWiki 4.0.23 

      by
      pegasus
      • View Profile
      • View Forum Posts
      • View Blog Entries
      • Visit Homepage
      • View Articles
      Published on June 25, 2018 12:54 PM

      As of June 13, 2018, VaultWiki 4.0.23 was released and is available to customers with an active license. This is primarily a maintenance release, containing about 20 bug fixes and style tweaks.

      For a list of changes in this release, please see Changelog for 4.0.23. If you are a style or language pack maintainer, please check here for changes which may affect you.

      Release Notes

      The current release is VaultWiki 4.0.23, which should be usable on vBulletin-based and XenForo-based production sites.
      Page 9 of 32 FirstFirst Previous ... 789101119 ... Next LastLast
    • Contact Us
    • License Agreement
    • Privacy
    • Terms
    • Top
    All times are GMT -4. The time now is 1:19 PM.
    This site uses cookies to help personalize content, to tailor your experience, and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Learn more… Accept Remind me later
  • striker
    Powered by vBulletin® Version 4.2.5 Beta 2
    Copyright © 2025 vBulletin Solutions Inc. All rights reserved.
    Search Engine Optimisation provided by DragonByte SEO (Pro) - vBulletin Mods & Addons Copyright © 2025 DragonByte Technologies Ltd.
    Copyright © 2008 - 2024 VaultWiki Team, Cracked Egg Studios, LLC.