XenForo Announcements

XenForo 2.0.4 is now available for all licensed customers to download. We recommend that all customers running previous versions of XenForo 2.0 upgrade to this release to benefit from increased stability. Download XenForo 2.0.4 Some of the changes in 2.0.4 include: Prevent errors when CLI jobs run and return a phrase as a status message. Prevent infinite loops when CLI jobs run and resume with a continue date in the future. Fix error on contact form when validating. Cached add-on entries could be used to build the active add-on cache with outdated information. When merging templates, ensure that the version details are updated accordingly, even if the template itself hasn't been changed. Remove unused duplicate method in the...

Today, we have released XenForo Importers 1.0.1, a maintenance release for our importers add-on. This release primarily targets bug fixes: Some of the changes include: vBulletin: Only rewrite quotes where a post ID is specified in the quote BB code. vBulletin: Re-implement the blogModerators step and disable the blogUsers step. vBulletin: Prevent errors when importing smilies if there are no smilies to import.. vBulletin: Process buddy/ignore lists correctly. vBulletin: Double-encoded strings (usernames, titles etc.) are now not double-encoded General: Importers are now expected to decide for themselves whether each field should have HTML entities decoded or not. You can either do this using EntityEmulator->set($fieldName, $value...

XenForo 2.0.3 is now available for all licensed customers to download. We recommend that all customers running previous versions of XenForo 2.0 upgrade to this release to benefit from increased stability. Download XenForo 2.0.3 Most importantly, this release includes a fix for a security issue that was reported to us by Julien from RCE Security. The issue was not found within XF code itself, but instead a file which we previously included with XF 1.5.x within the Video JS library. The issue is known as an "authentication phishing" exploit which involves posting a specially crafted URL pointed at the Video JS SWF file. This specially crafted URL, when clicked on or embedded in a page, can include another URL which returns a 401...

XenForo 1.5.18 is now available for all licensed customers to download. This release fixes a number of bugs and issues that were found since the previous release. As this is a maintenance release, the vast majority of the focus was an increase in stability. Most importantly, this release includes a fix for a security issue that was reported to us by Julien from RCE Security. The issue was not found within XF code itself, but instead a file which we previously included with XF 1.5.x within the Video JS library. The issue is known as an "authentication phishing" exploit which involves posting a specially crafted URL pointed at the Video JS SWF file. This specially crafted URL, when clicked on or embedded in a page, can include another...

Today, we have released XenForo Media Gallery 2.0.3, a maintenance release for our gallery add-on. This release primarily targets bug fixes and other small improvements. Some of the changes include: Fix an erroneous privacy check affecting guest users. Extend the media list limit option to the category view to help load times in particularly large categories. Fix a logic error which prevented creation of new personal albums even if the user had permission. Improve clarity of watermarking process when it comes to checking permissions. Remove a redundant global permission check when starting a file upload. Fix a potential undefined index error when updating legacy media report content info. Fix an error which can occur when watermarking...

Today, we have released XenForo Resource Manager 2.0.2, a maintenance release for our resource management add-on. This release primarily targets bug fixes and other small improvements. Some of the changes include: Update a resource's rating cache when a rating or review is deleted. Link the title of the "Top resources" widget to the full list of resources. Fix the Download button when viewing unapproved resource versions. Add rel="nofollow" to prefix links. Support for uploading an icon when adding a resource, or uploading/deleting an existing icon when editing a resource. For the full list of bug fixes, see the Resolved Resource Manager bugs forum. The following public templates have had changes: approval_item_resource_version...

XenForo 2.0.2, the second maintenance release for the XenForo 2.0 series is now available for all licensed customers to download. We recommend that all customers running previous versions of XenForo 2.0 upgrade to this release to benefit from increased stability. Download XenForo 2.0.2 There are a very large number of changes, most of which are fixes and many of which will go unnoticed, but here are some highlights: Admin control panel search now supports almost all content types and navigational areas of the admin control panel, and also supports up/down/enter keyboard navigation, so that in conjunction with the / keyboard shortcut, it is usable entirely from the keyboard. XenForo redirects for vBulletin (XF301VB) is a new add-on...