The Serendipity Team is proud to offer two new releases:
Serendipity 1.0.1 addresses a few minor bugfixes in the otherwise very well-received 1.0 stable release. Those are related to utf8-iconv conversion on older PHP setups, sending comment mails to users without an email address and a WYSIWYG image insertion issue.
The most important fix and reasing for the 1.0.1 release is a security issue that has been reported by Sebastian Nohn using the cool new Security-Scanner Chorizo. The only reported issue by Chorizo was the possibility of Users who could add plugins to the installation (usually only Administrators) to insert file references to other arbitrary PHP files that are then included. We feel this is a minor impact, because usually all administrators already would have full access to the PHP filebase and could include remote files with different means. Also note that users with safemode/open_basedir restrictions would not be affected by this.
Users with multi-users installations, giving plugin access to untrusted users are urged to upgrade to the latest release!
Serendipity 1.1-beta1 brings the long awaited new features to a first public release. The 1.1-alpha versions have been tested in the past quite well and are thought to run quite stable.
The 1.1 version brings those major new features (also see an earlier blog entry for details):
- Completely overhauled Media Gallery. Serendipity has always been a major player in providing easy media database access, and is now enhancing it for even more usability and flexibility. You can now assign privileges for every media directory. You can now retrieve and store meta properties like descriptions, EXIF-Data, keywords - and filter/search for them easily. Plus, the media gallery is now Smarty Template-driven, so you can customize it to your needs. You can now move images/whole directories within the filestructure, and existing entries will be edited to suit that new location. The media database can now be synchronized on-the-fly with contents on the webspace - means you can upload files via FTP and they will automagically be imported. A explorer-like view on the directories completes the featureset.
- You can enable/disable certain markup plugins per-entry. Ever wanted to create a Full HTML posting, but were annoyed by automatic nl2br conversion? Now you can turn it off for specific entries.
- Support for Template Options. All Themes can now offer specific configuration options for using a theme, like specifying which colorset you want to use, which navigational items you'd like to see and even fine-control banner options. See Carl Galloways Page for some sneak previews on the functionality to come!
- You can now use an URL scheme to view comments and entries by individual users/authors (with date-filtering and pagination)
- new "comments and trackbacks" RSS feed for your entries
- A new LiveJournal XML importer
- New plugin manager button to check for new versions of all installed plugins
- Entryproperties plugin now supports setting passwords for entries
- Performance improvements: Smarty API now passes more variables by references, which largely reduces the memory footprint
- New Template Engines: PHP and XML/XSLT-Drivers
- Make use of possible existing PEAR-Installations already existing on your server
- Improved Security of the "auto-login" feature
- Fix blocking site during file requests by writing session data to disk before making trackbacks etc.
- New Language: Arabic
- ...and many more!
Both releases can be found in the Download-Section on www.s9y.org. As always, just unpack them over your current installation to upgrade. More details can be found in the FAQ on www.s9y.org.
Have fun -- and please report any bugs you find on our Forums!
- Compyblog on : Blog-Gebastel
- Gibt's doch gar nicht on : Und wieder mal problemlos
- aggrozollhaus weblog on : Updates
- xeranon.CH - version 8 on : Sicherheitsupdate erfolgreich einegspielt & neuer Style
- Wahnsinnsblog on : Kann sein..
- Marco Gabriel on : Serendipity 1.1 beta veröffentlicht
- Nur ein Blog on : Serendipipty 1.1-Beta1 fertig gestellt
- ridcully.info on : Serendipity Update
- :: CrUisErs BLOG :: on : Serendipity 1.1-BETA1
- Rembrandt's Malerwerkst.at on : Ned wundern,
- Blog TXT on : S9y 1.1 update