Serendipity 2.3.4 released (security update)

Just a few days after Serendipity Camp and our last patch release we have to release Serendipity 2.3.4, fixing a security flaw (present on Windows installations only and exploitable only for users with upload rights on the Media library).

Unfortunately, it was possible to upload a malicious file "file" (e.g. a PHP script or other executable content) without a file extension and then rename it afterwards to "file.php" on Windows. Thanks to Junyu Zhang for spotting and reporting this!

As we had to do a patch release anyway, we added some other fixes around Media Library file renaming and improved the display of installable plugins by adding the plugin source (Spartacus, bundled with Serendipity core or local).

Please see the release statement on GitHub for more (technical) details.

You can download the release file and unzip it to your installation as usual, or update from within Serendipity using the Serendipity Autoupdate Plugin (serendipity_event_autoupdate).

Please do install the update on Windows systems running Serendipity due to the security fix.

Serendipity 2.3.3 released

About half a year after our last patch release we present Serendipity 2.3.3, the next bugfix release for our current stable branch.

We made some small changes and fixed some bugs in our Media Library (including a nasty bug where renaming a file using an already existing file name deleted both files). We don't show non-existing (empty) archive pages any longer and don't render the whole page when just some JS should be rendered, speeding things up a bit. Deleting trackbacks from the frontend - when logged in - should now work again, and (last but not least) we updated some bundled plugins: serendipity_event_mailer got some enhancements (you can add an introductory text to the generated mails and send them not just when publishing your entry, but for each change, too), serendipity_plugin_comments won't add spurious whitespace in the middle of words any more, and serendipity_event_bbcode has now (working) support for roman numerals in ordered lists.

Please see the release statement on GitHub for more (technical) details.

You can download the release file and unzip it to your installation as usual, or update from within Serendipity using the Serendipity Autoupdate Plugin (serendipity_event_autoupdate).

And please don't hesitate to report bugs in our forums!

Serendipity 2.3.2 released (security update)

Serendipity 2.3.2 is a bugfix and security fix release for our current stable branch.

Two security related bugs were fixed, the pagination feature of templates like Timeline now really works, autologin now works again on MySQL, too, all thumbnails are rotated with the original image, the WYSIWYG editor won't strip some needed elements, and auto-generated mails will now look right on all MTAs.

Please see the release statement on GitHub for more details.

You can download the release file and unzip it to your installation as usual, or update from within Serendipity using the Serendipity Autoupdate Plugin (serendipity_event_autoupdate).

Please do install the update due to the security fixes we have included.

Serendipity 2.3.1 released

The first bugfix release for our new stable branch is out: Serendipity 2.3.1, fixing some bugs that crept into the 2.3.0 release as well as some older faults.

Mass delete for the media library is working again, as well as the pagination feature of templates like Timeline that couldn't cope with the "stable archives" sorting order, and the plugin lists in the backend got links to their Spartacus entries (if they are installed from Spartacus, that is).

Please see the release statement on GitHub for more details.

You can download the release file and unzip it to your installation as usual, or update from within Serendipity using the Serendipity Autoupdate Plugin (serendipity_event_autoupdate).

Serendipity 2.3.0 released

We are very happy to present Serendipity 2.3.0, our new stable version, after more than two years of work.

Along with it, we have released Serendipity 2.1.6, most probably the last bugfix release for our old 2.1.x branch.

Serendipity 2.3.0 ...

  • ... has support for PHP 7.2 and 7.3 (minimal version is now PHP 7.0)!
  • ... will upgrade Smarty to 3.1.33!
  • ... has many updates and bug fixes to the media manager, adding a gallery function and responsive thumbnails!
  • ... uses voku/simple-cache for its internal cache!
  • ... has a new maintenance mode option!
  • ... will now receive multiple trackbacks and pingbacks!
  • ... has improved plugins, e.g. the nl2br plugin!
  • ... changed some installation defaults!
  • ... includes lots of other accumulated (security) fixes!

Please see the release statement on GitHub for more details.

You can download the release file and unzip it to your installation as usual, or update from within Serendipity using the Serendipity Autoupdate Plugin (serendipity_event_autoupdate).

Serendipity 2.3.x will be our new stable branch; development will continue on Serendipity 2.4.

Many thanks to all our contributers, theme and plugin developers, all you bug reporters and testers and forum users! Without your help this would not have been possible.

We are happy to hear your feedback about our new release - as always - on our forums!

Serendipity 2.3 - First Release Candidate published!

We are happy to announce the availability of the first (and hopefully last) Release Candidate for Serendipity 2.3.

Please test it, if you can, especially on current PHP installations (PHP 7.2 up to PHP 7.4), and report all errors and (PHP) warnings. We feel comfortable with suggesting you to try out this release in a production environment, as long as you make a backup of your database and files first, as you should always do.

Serendipity 2.3 ...

  • ... has support for PHP 7.2 and 7.3 (minimal version is now PHP 7.0)!
  • ... will upgrade Smarty to 3.1.33!
  • ... has many updates and bug fixes to the media manager, adding a gallery function and responsive thumbnails!
  • ... uses voku/simple-cache for its internal cache!
  • ... has a new maintenance mode option!
  • ... will now receive multiple trackbacks and pingbacks!
  • ... has improved plugins, e.g. the nl2br plugin!
  • ... changed some installation defaults!
  • ... includes lots of other accumulated (security) fixes!

Please see the release statement on GitHub for more details.

You can download the release file and unzip it to your installation as usual, or update from within Serendipity using the Serendipity Autoupdate Plugin (serendipity_event_autoupdate).

We are happy to hear your feedback about this release candidate on our forums! Thanks on behalf of the dev team.