Serendipity 1.3 released

Post Reply
garvinhicking
Core Developer
Posts: 30022
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany
Contact:

Serendipity 1.3 released

Post by garvinhicking »

Serendipity 1.3 has finally been released. The new release is mainly a
feature consolidation release, but also contains XSS security fixes:

* The karma rating plugin has been upgraded to support nice, CSS-based
rating graphics (see http://board.s9y.org/viewtopic.php?t=12300) and
an overall rehaul on the its coding.

* Make the Spartacus plugin be able to use FTP upload, a workaround
for SafeMode PHP restrictions. Also add a remote backend for plugin
update checks.

* An importer for phpNuke and lifetype has been added.

* Support for pingbacks has been improved a lot. Trackbacks can now be
blocked based on Sender IP checks.

* Add better CSS styling for some internal plugins and the embedding
of images. Also made the Remote-RSS plugin to be capable of Smarty-
Templating.

* Increased Smarty templating features for the
{serendipity_fetchPrintEntries} function, to be able to check for
entry properties.

* Add support for SQRelay.

* Minor CSS and graphic updates to the Bulletproof template.

The full list of 41 changes to this release are documented within the
NEWS file.

Regarding Security, the bundled Smarty library has been updated to
version 2.6.19 and adresses an issue in environments where the PHP
security mode is required. Also, the new Serendipity release contains
tighter backend XSS checks so that environments with untrusted authors
can be more secure - many thanks to Hanno Böck for addressing this.
Most importantly, an issue with XSS attacks within received trackbacks
has been discovered by Peter Hüwe and was fixed.

The update is easy as usual, and recommended for Serendipity users -
especially if you do not regularly moderate or check your incoming
trackbacks.

Upgrade pointers can be found in the FAQ at http://www.s9y.org/11.html
and is as easy as just to upload the new files.

Have fun!
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
subberman77
Regular
Posts: 78
Joined: Sun May 13, 2007 8:51 pm
Location: heilbronn
Contact:

Post by subberman77 »

I love Serendipity! :-)

I just have to update now...


greets
alex
scottblitz
Regular
Posts: 20
Joined: Fri Sep 07, 2007 12:36 am
Contact:

Post by scottblitz »

It sure is nice to look forward to update day for Serendipity - such a breeze to do and not followed by hundreds of little mini-updates to fix the big update.

I dread seeing the notification of a new WordPress version - bleh.

Thanks Garvin and the team for all that you do.

SB
Don Chambers
Regular
Posts: 3652
Joined: Mon Feb 13, 2006 2:40 am
Location: Chicago, IL, USA
Contact:

Post by Don Chambers »

Garvin - can you roll the 1.3 svn branch to 1.3.1a? There are already commits since 1.3.
=Don=
garvinhicking
Core Developer
Posts: 30022
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany
Contact:

Post by garvinhicking »

Hi!

Yes, that's what branches are meant for! All 1.3.x releases will go into the 1.3 branch directory :)

But thanks for reminding me, I bumpbed the s9y version string in the branch.

Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
Post Reply