Elgg 1.8.4 has been released with over 70 closed tickets. This release contains important security enhancements, so be sure to upgrade as soon as possible to keep your network safe.
The first security enhancement addresses an issue with web services authorization that would allow unauthorized users access to an authorization token. Thanks to Christian Bode for the report. This is an important issue that all Elgg admins should upgrade immediately to correct.
The second security issue is a minor issue that could expose which plugins are loaded on a site.
In addition to security enhancements, there were a number of bugfixes and other improvements.
Download Elgg 1.8.4 and upgrade as soon as possible to take advantage of the security improvements, bug fixes, and enhancements.
Thanks to everyone who submitted bug reports, helped test, and submitted pull requests! There were a total of 10 contributing developers for this release:
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by Raül Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
Awesome, as always, thanks for the hard work.
excellent work guys, thanks
Nice work elgg team
Excellent!
nice work elgg team thanks for your hard work.. :)
does all elgg 1.8.3 plugin work with 1.8.4 release?
Thanks for the appreication, everyone!
@meril - I'm pretty sure there were no changes in 1.8.4 that would break well-written plugins. "Well-written" is the key here, though...
Translated with google.
thank you guys for your effort... I appreciate the work of adding IP address to the log file.. This will help to track those who do wrong things in ELGG social networks..
And hope in the next release, will have a better mailing plugin which is cron triggered and ques the mailings... (must have a option for SMTP settings and mail per hour option too)
Thank you once again for your hardwork