XenForo 1.1.4 is the fourth maintenance release in the 1.1 series. While it's primary purpose is to fix bugs, this release also includes some small feature improvements as well. These are detailed below.
Amongst the bug fixes, there are several minor security improvements:
Images are checked for certain content to ensure that the image does not contain code that could be executed with incorrect server configuration (such as in Nginx). Thanks to Chris Deeming for reporting this.
1.1.4 now mitigates clickjacking attacks using X-Frame-Options. Thanks to Vikram Pawar (w4rl0ck_d0wn) for reporting this.
Server error logs now more aggressively filter out passwords before logging. Thanks to Slink for reporting this.
We recommend all...