After nearly 2 months of development FUDforum 2.6.14 is finally out. Aside from the usual bug fixes this release includes a number of important improvements, such as full support for PHP 5.1 and introduction of a PDO database driver support, which enables FUDforum to talk with SQLite in addition to MySQL and PostgreSQL. In addition to all of the changes in found in RC1 and RC2 there is a small number of modification made since then, a list of which can be found below. The installer and the upgrade script can be found at their usual locations at: http://fudforum.org/download.php and all FUDforum users are encouraged to upgrade. Post RC2 Changes A series of fixes for the PDO SQLite driver. Fixed the phpBB2 conversion script. Added the ability to clear tracker for the NNTP import. Remove pointless JavaScript header in full-body e-mail notification, that triggered some spam filters (SpamAssassin). Fixed DB detection in the installer, when only one database driver is available. Added FUD API...

Spent the entire Sunday at the Molson Indy in Toronto, here is the photographic evidence. For the most part it was a rather enjoyable show, the main regret is the fact that this year another layer of netting was put up keeping the regular folk like me even further from the track, a closer look, costs $160+ a pop. Interestingly enough the best spot to see the most difficult track is from a non-paying zone on a little hill. Some of the latter photos were taken from there.

It seems web hosting companies are finally coming to grips with something most security experts have known for quite some time, phpBB is inherently insecure. According to Netcraft some are taking the steps to prevent further exploitation via this application by banning its usage on their servers. As per usual phpBB developer's response, they are denying blame and claim such moves are unwarranted, but given their security record during the past 6 months alone this is hardly surprising. Not only are new issues being found, because the developers can't seem to do an security audit, but new versions re-introduce bugs (2.0.15 re-introduced the flaw exploited by Santy worm) that have previously been solved. I hope other hosting providers will take notice and adopt the same strategy, not only for phpBB2 but for any application with a consistent history of security faults for which the developers do not wish to take responsiblity for. As well as failing to take the time to conduct an extensive security audit...