Serendipity 2.1.4 and 2.2.1-alpha1 released

Two new releases have been issued today. 2.1.4 is a security fix release which addresses these issues:

  • Security: Fix XSS for pagination, when multi-category selection is used. Thanks to Brian Carpenter (geeknik) and Hanno Boeck!
  • Minor code fixes (proper PHP escaping for 'orderkey' SQL statement
  • Skeleton, Timeline and Clean Blog templates: Add theme option to disable google webfonts
  • Link to https s9y.org pages

The 2.2.1-alpha1 release addresses a few larger changes in Serendipity. These are the key points of the release:

  • PHP 7.2 support (including a new autologin token system and bcrypt password hashing)
  • Add function to add multiple images to an enty at once, creating a gallery
  • Added a maintenance mode option
  • Upgrade Smarty to 3.1.32
  • Bootstrap4 adaptations
  • Fixes for plugin drag'n'drop
  • Improvements to the p-mode of nl2br plugin
  • Ability to create responsive image thumbnails
  • Improvements to local caching
  • Rework of moving media items (work in progress)

We would love to get feedback from our users. Be sure to try out the new release only on test/development blogs yet. If you absolutely want to test it on production blogs, make sure to have a backup available.

Both releases can be downloaded from our GitHub release page.

Trackbacks

Trackback specific URI for this entry

  • No Trackbacks

Comments

Display comments as (Linear | Threaded)

No comments

Add Comment

E-Mail addresses will not be displayed and will only be used for E-Mail notifications.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

BBCode format allowed