RSS

Bloggers

Brett Profitt
All posts
Twitter

Cash Costello
All posts
Twitter

Evan Winslow
All posts
Twitter

Juho Jaakkola
All posts
Twitter

Matt Beckett
All posts
Twitter

Paweł Sroka
All posts
Twitter

Steve Clay
All posts
Twitter

Search

Blog tagcloud

    Dec
    04th
    by
    Brett Profitt

    Elgg 1.8.10 released with security enhancements

    Elgg 1.8.10 has been released with important security enhancements. Be sure to upgrade immediately to protect your sites.

    The primary security enhancement in 1.8.10 addresses a problem introduced in 1.8.9 that exposes user profile fields and other information stored in certain types of metadata. Versions below 1.8.9 are not affected by the security vulnerability.

    Additional changes in 1.8.10 include:

    • UX: Added a list of Administrators in the admin area
    • UX: Limiting message board activity stream entries to excerpts
    • Performance: Prefetching river entries
    • Performance: Plugin entities are cached
    • Removed superfluous commas in JS files to fix IE compatibility.
    • API: Fixed Twitter API.
    • Performance: Outputting valid ETags and expires headers.
    The contributing developers for the 1.8.10 release were:
    • Krzysztof Różalski
    • Lars Hærvig
    • Paweł Sroka
    • RiverVanRain
    • Sem
    • Steve Clay