From: Dietrich M. <die...@us...> - 2010-08-29 15:44:00
|
As you can see from the announcement list and public website, there is an RSS feed security issue in 1.0.10. Therefore, a patch was released and 1.0.11 containing the fix will be released soon. The (probably permanent) changelog for 1.0.11: - Added possibility to remove user's posts upon removing user in ACP. - Added possibility to ban user's email address or domain upon removing user in ACP. - Added preview feature for member pruning in ACP. - Added setting to enable/disable PHP's error log. - Added user delete link for admin on profiles. - Fixed security issue with forum/topic RSS feeds with "read" forum permission. - Fixed bug that didn't update stats on full forum delete. - Fixed bug that didn't adjust posts from certain members upon member pruning. - Fixed bug #2492: never logged in users are always pruned with member pruning. - Fixed bug #2488: CSS overflow for post contents. - Fixed bug #2451: 403 error for active topics feed when no topics available. - Fixed new/missing settings' wrong default values in ACP. - SQL toolbox now prints usable HTML table for results instead of textbox. - Removed ICQ status icons from profile. - Hide "deprecated" warnings from PHP 5.3. - Forum select boxes are larger. - "Remember me" now unchecked on login form. - Single error for unexisting user and wrong password on login form. If you have the means, time and interest please download the latest CVS HEAD and test this before the release (there will be no for at least 7 days from now on). --Dietrich |