Elgg Blog: Elgg 1.8.4 released
Elgg 1.8.4 has been released with over 70 closed tickets. This release contains important security enhancements, so be sure to upgrade as soon as possible to keep your network safe.
The first security enhancement addresses an issue with web services authorization that would allow unauthorized users access to an authorization token. Thanks to Christian Bode for the report. This is an important issue that all Elgg admins should upgrade immediately to correct.
The second security issue is a minor issue that could expose which plugins are loaded on a site.
In addition to security enhancements, there were a number of bugfixes and other improvements.
- UI: Tags display in the case they were saved.
- UI: Removed pagination in friends widget.
- UI: Tag search works for tags with spaces.
- Groups: Link for managing join requests is restored in the sidebar.
- Walled Garden: Cron and web services endpoints are exposed as public sites.
- The Wire: UTF usernames are correctly linked with @ syntax.
- Message Board: Fixed delete.
- API: entities loaded via elgg_get_entities_from_relationship() have the correct time_created.
- API: Deleting entities recursively works when code is logged out.
Download Elgg 1.8.4 and upgrade as soon as possible to take advantage of the security improvements, bug fixes, and enhancements.
Thanks to everyone who submitted bug reports, helped test, and submitted pull requests! There were a total of 10 contributing developers for this release:
- Adayth Talavera
- Brett Profitt
- Cash Costello
- Evan Winslow
- Ismayil Khayredinov
- Janek Lasocki-Biczysko
- Jerome Baker
- Sem
- Steve Clay
- Webgalli
Brett
Latest comments
Matt Beckett on Announcing Elgg Camp Italy! ():
Am I Mr. B? I thought I had posted my talk... if not here it...- Brett on Announcing Elgg Camp Italy! ():
I just wanted to reiterate how amazing ECI was! Thanks a million times to...
Awesome, as always, thanks for the hard work.
excellent work guys, thanks
Nice work elgg team
Excellent!
nice work elgg team thanks for your hard work.. :)
does all elgg 1.8.3 plugin work with 1.8.4 release?
Thanks for the appreication, everyone!
@meril - I'm pretty sure there were no changes in 1.8.4 that would break well-written plugins. "Well-written" is the key here, though...
Translated with google.
thank you guys for your effort... I appreciate the work of adding IP address to the log file.. This will help to track those who do wrong things in ELGG social networks..
And hope in the next release, will have a better mailing plugin which is cron triggered and ques the mailings... (must have a option for SMTP settings and mail per hour option too)
Thank you once again for your hardwork