XenForo Announcements

XenForo Enhanced Search (XFES) 1.1.1 is a maintenance release for our add-on that replaces XenForo's built in search engine with one powered by elasticsearch to provide greater performance and better search results. XFES 1.1.1 makes a small change to ensure compatibility with the upcoming elasticsearch 1.4 release. XFES 1.1.1 now uses Groovy for dynamic scripts in elasticsearch 1.3 or newer. This can allow dynamic scripting to be used in more situations. If you choose to disable the dynamic scripting option in XFES, please make sure you copy the scoring scripts in library/XenES/_scripts/ to your elasticsearch scripts directory. Requirements XFES requires that you have elasticsearch 0.16.0 or newer installed. As such, this add-on is...

Today, we're moving one step closer to declaring the XenForo 1.4.0 as stable and supported. What is a Release Candidate? After a number of beta releases, the functionality of the product should be complete and the rate of bugs being reported (should) slow to a trickle, allowing the development team to work through the backlog and reduce the number of bugs to a handful. We have now reached this point in the development of XenForo 1.4.0, so the time is right to produce a release candidate. This means that the software is proposed as stable, and a period of time is allowed to verify the proposal. If no major bugs are found during that period, the software will be released as 1.4.0. If bugs are found that are considered sufficiently...

XenForo 1.4.0 Beta 3 is now available to all customers with active licenses. This release primarily focuses on fixing bugs, conflicts, and usability issues discovered since the release of XenForo 1.4.0 Beta 2. As well as bug fixes, this release also adds a few small improvements compared to 1.4.0 Beta 2: Statuses can now be updated directly from the New Profile Posts sidebar block and the dedicated page. All active thread reply bans can be viewed in the control panel. We recommend that all customers running a previous 1.4.0 beta upgrade when possible. This is beta software. It is not officially supported. We do not recommend running it in production. Please remember that this is beta software. It contains known bugs and incomplete...

XenForo 1.4.0 Beta 2 is now available to all customers with active licenses. This release primarily focuses on fixing bugs, conflicts, and usability issues discovered since the release of XenForo 1.4.0 Beta 1. This release also includes the same XML-related security fix as XenForo 1.2.6 and 1.3.5. We recommend all customers running 1.4.0 Beta 1 upgrade as soon as possible. Please note that in order to resolve this security issue, XenForo's PHP requirements needed to increase slightly. This release now requires PHP 5.2.11 or higher. This is beta software. It is not officially supported. We do not recommend running it in production. Please remember that this is beta software. It contains known bugs and incomplete functionality. We do...

Today, we are pleased to release XenForo 1.3.5. This release addresses a security vulnerability that was identified. As such, we recommend that all customers running 1.3 upgrade to 1.3.5 as soon as possible. Please note that in order to resolve this security issue, XenForo's PHP requirements needed to increase slightly. This release now requires PHP 5.2.11 or higher. The security issue relates to XML processing. A specially crafted XML file can be used to enact a denial of service attack or potentially read files from the the file system. This type of vulnerability has been identified in many other applications. In XenForo, the risk is mitigated as only authenticated administrators may trigger the XML processing routines; website...

Today, we are releasing XenForo 1.2.6 to address a potential security vulnerability that has been identified. We recommend that all customers running XenForo 1.2 or earlier upgrade to 1.2.6 as soon as possible. This fix changes a large number of files so a full upgrade is required. Please note that in order to resolve this security issue, XenForo's PHP requirements needed to increase slightly. This release now requires PHP 5.2.11 or higher. The security issue relates to XML processing. A specially crafted XML file can be used to enact a denial of service attack or potentially read files from the the file system. This type of vulnerability has been identified in many other applications. In XenForo, the risk is mitigated as only...

We are happy to announce that XenForo 1.4.0 Beta 1 is now available to all customers with active licenses. XenForo 1.4 includes a number of new features, such as selective quoting, automated bounce handling, sitemap XML generation, several new moderator tools and more.. You can see the full list of new features in the Have You Seen...? forum. This is beta software. It is not officially supported. We do not recommend running it in production. Please remember that this is beta software. It contains known bugs and incomplete functionality. We do not recommend running beta software in a production environment, and support is limited at this time to questions here on the community forums. Add-ons and custom styles may be broken after...