Hosting Serendipity

2.0.5
 (Sicherheitsupdate)
6 Dezember 2016 - 27MB
[Security] Improve preventing fetching local files, thanks to Xu Yue.
[Security] Prevent XSS in adding category and directory names, thanks to Edric Teo @smarterbitbybit, CVE-2016-9681.

Lesen Sie mehr: http://blog.s9y.org/archives/271-Serendipity-2.0.5-and-2.1-beta3-released.html






2.0.3
 (Sicherheitsupdate)
4 Januar 2016 - 27MBHappy new Year! Serendipity 2.0.3 has just been released to address a XSS security issue found and reported by Onur Yilmaz and Robert Abela from Netsparker.com. Thanks a lot for contacting us and working with us to address the issue.



The issue only affects logged-in authors, where HTML can be inserted into the comment editing form when they click specially crafted links. Due to the required authentification we consider the issue of medium impact, but suggest everyone to perform the update.
Lesen Sie mehr: http://blog.s9y.org/archives/266-Serendipity-2.0.3-released.html






2.0.1
 (Sicherheitsupdate)
13 März 2015 - 27MBThis is the first maintenance release which fixes a couple of minor issues, and one security-related issue where improper escaping of category names can lead to a possible XSS attack. This atnly be performed by authenticated editors, so we consider it medium-impact. If you run a multi-user blog with untrusted authors, you are urged to upgrade to the new release. Many thanks to Edric Teo for reporting this issue to us, which could then be fixed within the same day.



Some other notable bug fixes are:

Report errors, if inclusion of JavaScript files may throw PHP errors to help in diagnosing an installation
Support for user.css backend CSS additions, without needing to edit the 2k11 backend theme.
Some JavaScript fixes for the backend, better theme fallback methods.

Lesen Sie mehr: http://blog.s9y.org/archives/263-Serendipity-2.0.1-released.html






2.0
 (Hauptversion)
27 Januar 2015 - 27MBOur main goal for Serendipity 2.0 was to clean up our backend structure, both in terms of coding and especially in terms of design and usability. We firmly believe to now be at a point where we want to show off our hard endeavours, and feel Serendipity 2.0 can now be properly used.



Highlights

New Responsive theme, usable for desktop, tablet and mobile devices.
A new frontpage (aka "Dashboard") shows you the most notable things on your blog
A redone navigation tries to structure the backend tasks in a better way
"Themes" is now the definitive word, where we previously used "Template", "Style" or "Theme". We're committed to stick with this now. ;-)
The bundled WYSIWYG editor has been changed to CKEditor.
A conservative but thorough rework of the Media Library.
Restructured core and removed some older cruft.
New Metatron tool which can perform a number of administrative tasks on the command line.

Lesen Sie mehr: http://blog.s9y.org/archives/261-Serendipity-2.0-released.html



Zeige mehr Versionen




1.7.8

9 Februar 2014 - 27MB
Fixed a regression caused by the prior 1.7.6/1.7.7 release.

Lesen Sie mehr: http://blog.s9y.org/archives/254-Serendipity-1.7.8-released.html






1.7.7
 (Sicherheitsupdate)
6 Februar 2014 - 27MB
Fixed an XSS by using a specially crafted username can happen when viewing the "Manage users" screen
Fixed an XSS when creating an entry with specially crafted id/timestamp values
Fixed a SQL injection when installing a plugin with a specially crafted name

Lesen Sie mehr: http://blog.s9y.org/archives/253-Serendipity-1.7.7-released.html






1.7.5

20 Januar 2014 - 27MB
Fixed textile PHP 5.2 (namespace) compat issue
Added default value to spamblocks required_fields option [name,comment]

Lesen Sie mehr: http://blog.s9y.org/archives/252-Serendipity-1.7.5-released.html






1.7.4

11 Januar 2014 - 27MB
Updated textile plugin for PHP 5.3+ compatibility
Updated spamblock captcha creation for PHP 5.3+
Updated Smarty library
Improved .htaccess "deny" method for the Spamblock plugin

Lesen Sie mehr: http://blog.s9y.org/archives/251-Serendipity-1.7.4-released.html






1.7.3
 (Sicherheitsupdate)
29 August 2013 - 27MBThis release only addresses a bugfix for one functional issue (trackbacks to SSL-servers) and a security issue in the bundled htmlarea spellchecker module (see http://osvdb.org/87395). Thanks to Henri Salo for pointing out this issue.
Lesen Sie mehr: http://blog.s9y.org/archives/250-Serendipity-1.7.3-released.html






1.7.2

28 Juli 2013 - 27MB
Serendipity will switch to mysqli if PHP >= 5.5 is used (mysql is deprecated in that version)
Upgrade Smarty to 3.1.14
The outdated browsercompatibility plugin will be uninstalled
Properly migrate a "baseURL" option which might be set to an empty value on installations where the configuration has never been saved after the update.
The name of a authorgroup was empty when editing a usergroup

Lesen Sie mehr: http://blog.s9y.org/archives/249-Serendipity-1.7.1-and-1.7.2-released.html






1.7

23 Mai 2013 - 27MB