Updates Forum Software Updated Today

Discussion in 'Announcements' started by admin, Nov 1, 2015.

Tags:
  1. admin

    admin Administrator Staff Member

    Most significantly, a security issue has been identified and fixed in this release. The issue employs a tactic known as "reverse tabnabbing" in which a link that opens in a new tab contains code that can redirect the original tab to another URL, which could be used as a phishing attempt.

    Some of the other bug fixes include:
    • Changed the approach of the link proxy to use a background ajax request to improve accuracy and reduce interference. Note that add-ons that build on the link proxy may need to be changed.
    • Add a "quiet zone" to the QR code shown when enabling two-step verification via an app.
    • Ensure that spam checking is run when editing a thread title.
    • Do not autolink across "[" to prevent problems when a URL is surrounded by something that looks like a BB code.
    • Ensure that report threads are created even if the content would exceed the maximum message length.
    • Correctly identify a few additional patterns as bounced emails or challenge requests.
    • When sending messages (via conversations) to users, do the autolinking only at the beginning to avoid making unnecessary page title resolution requests.
    • Change the IPv6 information URL to a different, more complete service.

    We have also released XenForo Media Gallery updates in order to fix several issues discovered since the previous release. The issues fixed were:
    • User storage quotas are now stored in kilobytes rather than bytes. A rebuild will trigger during upgrade and may make the upgrade appear to take longer than usual.
    • Media items inside an album could not be edited by moderators, even if they had permission to.
    • Fixed an issue which prevented forum posts from having constraints, such as maximum message length, checked properly.
    • Fixed an issue with the Photopost importer to handle a case in PhotoPost that saw some photos having a negative date.
    • Reduced the maximum amount of work the Sitemap handler for media was able to do in each pass to avoid memory limit issues.
    • Change the format of the title of the comments warning handler and avoid an issue with characters being escaped.
     

Share This Page