1. Guest, as per the stickied thread, this forum has not been in use since 2014. All bugs and feature requests should be posted to JIRA.

Feature "At this stage there is no fix for 1.7.10 or below" - please patch for 1.7.10

Discussion in 'Bugs & Feature Requests' started by minecraft7net, May 2, 2015.

  1. minecraft7net

    Supporter

    Hi,

    can someone make a patch for 1.7.10 ?

    "At this stage there is no fix for 1.7.10 or below".

    "..."
    For security reasons it is recommended that all users upgrade to Minecraft 1.8.3 by re-running BuildTools. A fix for 1.8 is also available via the --rev 1.8 argument. At this stage there is no fix for 1.7.10 or below, however given these builds have been unsupported for more than 7 months, we recommend that all servers look into upgrading. For those using Vanilla, a 1.8.4 version with these same fixes has been released by Mojang.
    "..."

    make upgrade for whole minecraft network its a month of work, i have 15 servers with alot of games that are still only for 1.7.x.

    last time there was a patch for a lot of things like holographics and echopet :) meybe someone provide patch for 1.7.10 too ? :)
     
  2. JamesJ

    Supporter

    They've said they wont, so why would they for you?
     
  3. minecraft7net

    Supporter

    becouse i have still servers with 1.6.4 and 1.7.10 connected via bungeecord ? :) and i can't upgrade to 1.8.x becouse plugins/games and mods dependencies.
     
  4. If you get your plugins working, then you might consider using plugin ProtocolSupport to provide comp. back to 1.5.2.
    Otherwise, I dont understand why they dont make it...
     
  5. minecraft7net

    Supporter

    #6 minecraft7net, May 2, 2015
    Last edited: May 2, 2015
  6. joshwenke

    Wiki Team

    The patch prevents using books to compromise a server. If you disable people making books or inform any OPs on the server not to click on links in books, or just disable the /op command and all other sensitive commands in-game, you should be fine.
     
  7. minecraft7net

    Supporter


    OK - thanks for describe problem. its ok for me, becouse i'm only one admin/op and i didnt share books with players.

    so if anyone has separate accounts for build/moderate and test/play thereis no HIGH problem.
     
  8. joshwenke

    Wiki Team

    Good, I wouldn't worry about it. Just be on the lookout for that exploit if you're running older versions of Minecraft. This patch basically disables command-links in books.
     
  9. It's not JSON books that you have to worry about being unpatched. It's the NBT overflow exploit that can crash a server if someone sends some malicious data. That's what the announcement at the top of spigot was referencing.
     
  10. I think NBT overflow exploit is a EXTREME Case. Which they said they would fix an issue if its an EXTREME Case.
     
    • Agree Agree x 1