XenForo Announcements

Today, we're moving one step closer to declaring the XenForo 1.4.0 as stable and supported. What is a Release Candidate? After a number of beta releases, the functionality of the product should be complete and the rate of bugs being reported (should) slow to a trickle, allowing the development team to work through the backlog and reduce the number of bugs to a handful. We have now reached this point in the development of XenForo 1.4.0, so the time is right to produce a release candidate. This means that the software is proposed as stable, and a period of time is allowed to verify the proposal. If no major bugs are found during that period, the software will be released as 1.4.0. If bugs are found that are considered sufficiently...

XenForo 1.4.0 Beta 3 is now available to all customers with active licenses. This release primarily focuses on fixing bugs, conflicts, and usability issues discovered since the release of XenForo 1.4.0 Beta 2. As well as bug fixes, this release also adds a few small improvements compared to 1.4.0 Beta 2: Statuses can now be updated directly from the New Profile Posts sidebar block and the dedicated page. All active thread reply bans can be viewed in the control panel. We recommend that all customers running a previous 1.4.0 beta upgrade when possible. This is beta software. It is not officially supported. We do not recommend running it in production. Please remember that this is beta software. It contains known bugs and incomplete...

XenForo 1.4.0 Beta 2 is now available to all customers with active licenses. This release primarily focuses on fixing bugs, conflicts, and usability issues discovered since the release of XenForo 1.4.0 Beta 1. This release also includes the same XML-related security fix as XenForo 1.2.6 and 1.3.5. We recommend all customers running 1.4.0 Beta 1 upgrade as soon as possible. Please note that in order to resolve this security issue, XenForo's PHP requirements needed to increase slightly. This release now requires PHP 5.2.11 or higher. This is beta software. It is not officially supported. We do not recommend running it in production. Please remember that this is beta software. It contains known bugs and incomplete functionality. We do...

Today, we are pleased to release XenForo 1.3.5. This release addresses a security vulnerability that was identified. As such, we recommend that all customers running 1.3 upgrade to 1.3.5 as soon as possible. Please note that in order to resolve this security issue, XenForo's PHP requirements needed to increase slightly. This release now requires PHP 5.2.11 or higher. The security issue relates to XML processing. A specially crafted XML file can be used to enact a denial of service attack or potentially read files from the the file system. This type of vulnerability has been identified in many other applications. In XenForo, the risk is mitigated as only authenticated administrators may trigger the XML processing routines; website...

Today, we are releasing XenForo 1.2.6 to address a potential security vulnerability that has been identified. We recommend that all customers running XenForo 1.2 or earlier upgrade to 1.2.6 as soon as possible. This fix changes a large number of files so a full upgrade is required. Please note that in order to resolve this security issue, XenForo's PHP requirements needed to increase slightly. This release now requires PHP 5.2.11 or higher. The security issue relates to XML processing. A specially crafted XML file can be used to enact a denial of service attack or potentially read files from the the file system. This type of vulnerability has been identified in many other applications. In XenForo, the risk is mitigated as only...

We are happy to announce that XenForo 1.4.0 Beta 1 is now available to all customers with active licenses. XenForo 1.4 includes a number of new features, such as selective quoting, automated bounce handling, sitemap XML generation, several new moderator tools and more.. You can see the full list of new features in the Have You Seen...? forum. This is beta software. It is not officially supported. We do not recommend running it in production. Please remember that this is beta software. It contains known bugs and incomplete functionality. We do not recommend running beta software in a production environment, and support is limited at this time to questions here on the community forums. Add-ons and custom styles may be broken after...

Today, we are pleased to release XenForo 1.3.4. This release fixes a number of bugs and issues that were found since the release of 1.3.3. As this is a maintenance release, the vast majority of the focus was an increase in stability. Some of the bugs fixed in 1.3.4 include: Fix backwards compatibility/deprecation issue in PHP 5.6 Fix logging of password changes in the user change log Attempt to prevent links to proxy.php being inserted into posts in certain cases Ensure that links that do go to proxy.php in posts are considered external Fix situation where search grouping is lost when replaying a search Fix editor menu icon positioning in RTL Fix tooltip positioning over certain avatars in RTL Do not notify users of new posts while...