Elgg 1.8.10 has been released with important security enhancements. Be sure to upgrade immediately to protect your sites.
The primary security enhancement in 1.8.10 addresses a problem introduced in 1.8.9 that exposes user profile fields and other information stored in certain types of metadata. Versions below 1.8.9 are not affected by the security vulnerability.
Additional changes in 1.8.10 include:
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by Raül Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
Users may want to hold off on 10 and just apply this patch to fix the metadata visibility bug.
It appears Elgg is breaking when creating a new group. I'm investigating now.
Just updated still It have IE issue I am not able to login into elgg using IE8 and IE 9 can you please check .. Thanks for Performance update i will test more and report if any issues found
Due to insufficient testing on my part, 1.8.10 has a fatal error on the group creation form. The fix is already on github, and release of 1.8.11 will likely follow very soon.
thank you steve clay... i was just picking my hair for the last 2 hrs what was went wrong in my upgrade... thank you very much.. I have applied all the patches you told....
@saurabh are you logging in using the URL specified in your site settings? The hostname, protocol, and port (if provided) must match.
@Steve Clay - is the issue with memory exhausted fixed in 1.8.10?
@slyhne. Yes. And 1.8.11 is out.