Announcements

Today, we are pleased to release XenForo 1.5.8. This release fixes a number of bugs and issues that were found since the release of 1.5.7. As this is a maintenance release, the vast majority of the focus was an increase in stability. This release includes fixes for 2 security-related issues reported by Julien Ahrens (from www.innogames.com). We consider these issues to be very minor and are very unlikely to be exploitable, so they have been included as part of the 1.5.8 fixes rather than as a separate patch. The issues fixed were: An image injection vulnerability in SWFUpload. This could allow a user to believe they were loading an image from your domain while it was being loaded from an external domain which may lead to user...

XenForo Media Gallery 1.1.7 is a maintenance release for our media gallery add-on. We recommend all customers running XenForo Media Gallery to upgrade to 1.1.7 to benefit from increased stability. This release fixes several bugs that were reported following the release of XenForo Media Gallery 1.1.6: Change so that unsharp masking is not allowed to happen with some image resize operations. Fix for an issue that could have seen invalid values entered as a thumbnail path for a media site. Catch Exceptions that may be thrown as a result of media site thumbnail generation failing. Ensure GALLERY BB code limits are enforced in conversations. For the full list of bug fixes, see the Resolved Media Gallery Bugs forum. No templates have had...

XenForo Media Gallery 1.1.6 is a maintenance release for our media gallery add-on. We recommend all customers running XenForo Media Gallery to upgrade to 1.1.6 to benefit from increased stability. This release fixes several bugs that were reported following the release of XenForo Media Gallery 1.1.5: Added a new option to control the thumbnail quality of JPG thumbnails. Added a new unsharp mask filter to the thumbnail process to make thumbnails appear sharper. The cached thumbnail URL is no longer used for album thumbnails therefore changes made to the XF data directory take effect immediately. Prevented a situation where a video embed could be updated to an invalid URL. Improved some of the custom field display styling on the media...

Today, we are pleased to release XenForo 1.5.7. This release fixes a number of bugs and issues that were found since the release of 1.5.6. As this is a maintenance release, the vast majority of the focus was an increase in stability. Please note that we are now formally recommending that you upgrade to PHP 5.4 or newer. Our intention with XenForo 2.0 is to require PHP 5.4 or newer. If you are running PHP 5.3 or 5.2, you will receive a warning when installing or upgrading XenForo. Some of the bugs fixed in 1.5.7 include: The interface used by admins to update user passwords has been improved to prevent accidental changes due to autofill. Improved usage of cURL in the PayPal upgrade processor to ensure that requests are still...

XenForo Enhanced Search (XFES) 1.1.4 is a maintenance release for our add-on that replaces XenForo's built in search engine with one powered by Elasticsearch to provide greater performance and better search results. This release fixes several bugs: Prevent creating result sizes greater than Elaticsearch's default index.max_result_window value (10000). Improve error handling in newer versions of Elasticsearch and prevent this error handling from interfering with the main request being processed. Requirements XFES requires that you have elasticsearch 0.16.0 or newer installed. As such, this add-on is only applicable if you have root access to your server (such as with a dedicated server or VPS). XFES also requires XenForo 1.3.0 or...

Today, we are pleased to release XenForo 1.5.6. This release fixes a number of bugs and issues that were found since the release of 1.5.5. As this is a maintenance release, the vast majority of the focus was an increase in stability. In addition to the usual bug fixes, we've made a few improvements: In June, PayPal will be making changes to force all requests to use TLS 1.2. If your server does not support TLS 1.2, after this date, user upgrades will not be processed correctly. As of 1.5.6, we attempt to ensure that we use a connection type that supports TLS 1.2 so service will not be interrupted when the change happens. Unfortunately, your server may not support TLS 1.2. If you are using user upgrades, it's important to check this...

XenForo Media Gallery 1.1.5 is a maintenance release for our media gallery add-on. We recommend all customers running XenForo Media Gallery to upgrade to 1.1.5 to benefit from increased stability. In addition to the usual bug and stability focus we have added beta support for importing from the IP Gallery versions which were designed to work with IP Board 4.0 and IP Board 4.1. This release fixes several bugs that were reported following the release of XenForo Media Gallery 1.1.4: A new option has been added to allow you to disable the ability to upload images from a URL. Disable this to prevent your server IP address being identified through use of this feature. (Alternatively, XenForo 1.5.6's untrusted HTTP client configuration is...