Elgg 1.7.13 has been released to address a serious bug some users encountered when trying to upgrade to 1.7.12 and a mild security vulnerability.
The upgrade bug prevented some users from being able to run the upgrade.php script.
The security vulnerability was in the livesearch endpoint and could cause an SQL query exposure using a specially crafted URL.
In addition to these bugfixes, a few other enhancements were included in 1.7.13:
* Files that are too large to upload will be rejected with an error message by the Files plugin. Previous versions of Elgg would save these as empty files.
* The pages plugin forwards to the All Pages page when there isn't a valid page owner.
All users of Elgg 1.7 are encouraged to upgrade.
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.