aboutsummaryrefslogtreecommitdiff
path: root/CHANGES.txt
diff options
context:
space:
mode:
Diffstat (limited to 'CHANGES.txt')
-rw-r--r--CHANGES.txt43
1 files changed, 43 insertions, 0 deletions
diff --git a/CHANGES.txt b/CHANGES.txt
index 187dc7e25..819378e12 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,3 +1,46 @@
+Version 1.8.17
+(January 1, 2014 from https://github.com/Elgg/Elgg/tree/1.8)
+ Contributing Developers:
+ * Brett Profitt
+ * Cash Costello
+ * Ed Lyons
+ * Evan Winslow
+ * Jeroen Dalsem
+ * Jerome Bakker
+ * Juho Jaakkola
+ * Matt Beckett
+ * Paweł Sroka
+ * Sem
+ * Steve Clay
+
+ Security Fixes:
+ * Specially-crafted request could return the contents of sensitive files.
+ * Reflected XSS attack was possible against 1.8 systems.
+ * The cryptographic key used for various purposes may have been generated with weak entropy, particularly on Windows.
+
+ Bugfixes:
+ * URLs with non-ASCII usernames again work
+ * Floated images are now properly cleared in content areas
+ * The activity page title now matches the document title
+ * Search again supports multiple comments on the same entity
+ * Blog archive sidebar now reverse chronological
+ * URLs with matching parens can now be auto-linked
+ * Log browser links for users now work
+ * Disabling over 50 objects should no longer result in an infinite loop
+ * Radio/checkbox inputs no longer have border radius (for IE10)
+ * User picker: the Only Friends checkbox again works
+ * Group bookmarklet no longer shown to non-members
+ * Widget reordering fixed when moving across columns
+ * Refuse to deactivate plugins needed as dependencies
+
+ Enhancements:
+ * Group member listings are ordered by name
+ * The system_log table can now store IPv6 addresses
+ * Web services auth_gettoken() now accepts email address
+ * List functions: no need to specify pagination for unlimited queries
+ * Htmlawed was upgraded to 1.1.16
+
+
Version 1.8.16
(June 25, 2013 from https://github.com/Elgg/Elgg/tree/1.8)
Contributing Developers: