diff options
Diffstat (limited to 'CHANGES.txt')
-rw-r--r-- | CHANGES.txt | 91 |
1 files changed, 91 insertions, 0 deletions
diff --git a/CHANGES.txt b/CHANGES.txt index af126c3d3..870c4f57d 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,3 +1,94 @@ +Version 1.8.5 +(May 17, 2012 from https://github.com/Elgg/Elgg/tree/1.8) + + Contributing Developers: + * Brett Profitt + * Evan Winslow + * Sem + * Steve Clay + * Jeroen Dalsem + * Jerome Bakker + + Security Enhancements: + * Fixed possible XSS vulnerability if using a crafted URL. + * Fixed exploit to bypass new user validation if using a crafted form. + * Fixed incorrect caching of access lists that could allow plugins + to show private entities to non-admin and non-owning users. (Non-exploitable) + + Bugfixes: + * Twitter API: New users are forwarded to the correct page after creating + an account with Twitter. + * Files: PDF files are downloaded as "inline" to display in the browser. + * Fixed possible duplication errors when writing metadata with multiple values. + * Fixed possible upgrade issue if using a plugin uses the system_log hooks. + * Fixed problems when enabling more than 50 metadata or annotations. + + API: + * River entries' timestamps use elgg_view_friendly_time() and can be + overridden with the friendly time output view. + +Version 1.8.4 +(April 24, 2012 from https://github.com/Elgg/Elgg/tree/1.8) + + Contributing Developers: + * Adayth Talavera + * Brett Profitt + * Cash Costello + * Evan Winslow + * Ismayil Khayredinov + * Janek Lasocki-Biczysko + * Jerome Baker + * Sem + * Steve Clay + * Webgalli + + Security Enhancements: + * Fixed an issue in the web services auth.get_token endpoint that + would give valid auth tokens to invalid credentials. Thanks to + Christian for reporting this! + * Fixed an that could show which plugins are loaded on a site. + + Enhancements: + * UI: All bundled plugins' list pages display a no content message if there is nothing to list. + * UI: Site default access is limited to core access levels. + * UI: Showing a system message to the admin if plugins are disabled with the "disabled" + magic file. + * UI: Added transparent backgrounds for files and pages icons. + * External (Site) Pages: If in Wall Garden mode, Site Pages use the Walled Garden + theme when logged out. + * UI: Database errors only show the query to admin users. + * UI: Cannot set the data path to a relative path in installation or site settings. + * UI: Cleaned up notifications for bundled plugins. + * UI: Hiding crop button if no avatar is uploaded. + * UI: Bundled plugins are displayed with a gold border in the plugin admin area. + * UI: Can see all the categories a plugin belongs to. + * Web Services: Multiple tokens allowed for users. + * API: More efficient entity loading. + * API: Added IP address to system log. + * API: Languages are cached. + * API: ElggBatch supports disabling offsets for callbacks that delete entities. + * API: Cleaned up the boot process. + * API: Fixed situation in which the cache isn't properly cleared if a file can't be unlinked. + + Bugfixes: + * UI: Tags display in the case they were saved. + * UI: Friendly titles keep -s. + * UI: Removed pagination in friends widget. + * UI: Profile settings actions correctly displays error messages as errors. + * UI: Tag search works for tags with spaces. + * UI: Fixed river display for friending that happens during registration. + * Groups: Link for managing join requests is restored in the sidebar. + * Walled Garden: Cron and web services endpoints are exposed as public sites. + * The Wire: UTF usernames are correctly linked with @ syntax. + * The Wire: No longer selecting the "Mine" tab for users who aren't you. + * Blogs: Notifications restored. + * Message Board: Fixed delete. + * Groups: Forwarding to correct page if trying to access closed group. + * API: entities loaded via elgg_get_entities_from_relationship() have the correct time_created. + * API: Deleting entities recursively works when code is logged out. + * API: Fixed multiple uses of deprecated functions. + + Version 1.8.3 (January 12, 2012 from https://github.com/Elgg/Elgg/tree/1.8) |