Info XenForo 1.1.4 Upgrade

Discussion in 'Suggestions & Forum Changes Box' started by Mr. Penguin, 26 Mar 2013.

  1. Mr. Penguin

    Mr. Penguin Administrator
    Staff Member Admin Moderator VIP

    18 May 2012
    Likes Received:
    We have new Forum Software that we need to upgrade soon. 1.1.2 -> 1.1.3 upgrade went well no issues, so hopefully this release nothing goes wrong as well.

    Here is some info and changelog:

    XenForo 1.1.4 is the fourth maintenance release in the 1.1 series. While it's primary purpose is to fix bugs, this release also includes some small feature improvements as well. These are detailed below.

    Amongst the bug fixes, there are several minor security improvements:
    • Images are checked for certain content to ensure that the image does not contain code that could be executed with incorrect server configuration (such as in Nginx). Thanks to Chris Deeming for reporting this.
    • 1.1.4 now mitigates clickjacking attacks using X-Frame-Options. Thanks to Vikram Pawar (w4rl0ck_d0wn) for reporting this.
    • Server error logs now more aggressively filter out passwords before logging. Thanks to Slink for reporting this.
    We recommend all customers upgrade to 1.1.4 to benefit from the increased stability and security improvements.

    Feature Improvements

    Some of the feature improvements in 1.1.4 include:
    • Stronger spam prevention
    • Ability to see if there are any registrations that need to be approved from the moderator bar
    • Spam cleaning a user will automatically close any pending reports for their content
    • Read only access to registration date and last activity on profiles in the admin CP
    • Item count support for navigation tabs
    • Additional admin-only links on the front-end profile page
    Bug Fixes

    Some of the bugs fixed for 1.1.4 include:
    • No more blank pages when rebuilding templates
    • Improved PHP 5.4/5.5 compatibility
    • User group changes can be orphaned, leading to situations where automatic group changes fail
    • CSS arrows do not display nicely in Firefox in some situations
    • Added phrases used by the rating template
    • Incorrect/inconsistent CSS parsing for style properties
    • Improved handling of unknown CSS constructs for style properties
    • User confirmation records not pruned
    • Adjusted the Skype custom field to support Windows Live addresses (since they merged)
    • Conversation recipient_counts being changed in incorrect scenarios
    • Improved HTML parsing in RSS feed imports
    • Improved performance in calculating banned/discouraged IPs
    • Spam cleaner did not work correctly when used multiple times without reloading
    • Spam cleaner did not delete soft deleted posts
    • Performance improvements updating thread/attachment view counts
    • Improved performance when loading the style property editor
    • Required profile fields may be able to be skipped on registration
    See the Resolved Bug Reports forum for the full list.
  • About Us

    We are a community mixed with professionals and beginners with an interest in wireless security, auditing and pentesting. Feel free to check out and upload resources.

    You can also find us on: Twitter and Facebook

  • Donate to Us

    Did you find our forums useful? Feel free to donate Bitcoin to us using the form below. Those who donate the equivlent of $10 USD or more will be upgraded to VIP membership. Don't have Bitcoin? Use your credit card to GO VIP here. Don't want to fork out some coin? There are other ways to GO VIP. Bitcoin: 1LMTGSoTyJWXuy2mQkHfgMzD7ez74x1Z8K