diff options
Diffstat (limited to 'CHANGES.txt')
-rw-r--r-- | CHANGES.txt | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/CHANGES.txt b/CHANGES.txt index 187dc7e25..819378e12 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,3 +1,46 @@ +Version 1.8.17 +(January 1, 2014 from https://github.com/Elgg/Elgg/tree/1.8) + Contributing Developers: + * Brett Profitt + * Cash Costello + * Ed Lyons + * Evan Winslow + * Jeroen Dalsem + * Jerome Bakker + * Juho Jaakkola + * Matt Beckett + * Paweł Sroka + * Sem + * Steve Clay + + Security Fixes: + * Specially-crafted request could return the contents of sensitive files. + * Reflected XSS attack was possible against 1.8 systems. + * The cryptographic key used for various purposes may have been generated with weak entropy, particularly on Windows. + + Bugfixes: + * URLs with non-ASCII usernames again work + * Floated images are now properly cleared in content areas + * The activity page title now matches the document title + * Search again supports multiple comments on the same entity + * Blog archive sidebar now reverse chronological + * URLs with matching parens can now be auto-linked + * Log browser links for users now work + * Disabling over 50 objects should no longer result in an infinite loop + * Radio/checkbox inputs no longer have border radius (for IE10) + * User picker: the Only Friends checkbox again works + * Group bookmarklet no longer shown to non-members + * Widget reordering fixed when moving across columns + * Refuse to deactivate plugins needed as dependencies + + Enhancements: + * Group member listings are ordered by name + * The system_log table can now store IPv6 addresses + * Web services auth_gettoken() now accepts email address + * List functions: no need to specify pagination for unlimited queries + * Htmlawed was upgraded to 1.1.16 + + Version 1.8.16 (June 25, 2013 from https://github.com/Elgg/Elgg/tree/1.8) Contributing Developers: |