March 2018 - Security Updates And Bug Fixes

  • Thread starter logic
  • Start date
  • Tagged users None
logic

logic

Administrator
Staff
6,929
313
These issues are now fixed :)

  • In some cases, a Solve Media CAPTCHA challenge would erroneously pass if the HTML was tampered with (such as via a spam bot).
  • Better support for media embeds and user mentions in the IPS Forums 4.x importer.
  • Fix for missing likes on import from XF to XF.
  • Improve PHP 7.x compatibility in the SMF importer.
  • Add rel="canonical" to the quick navigation template to avoid indexing duplicate content.
  • Security: Disable use of js/videojs/video-js.swf and remove calling it from the template.
  • Recommend users upgrade to PHP 5.6 or above when installing or upgrading.
  • Fixed behaviour of user upgrade downgrades following refund/reversal
  • Use a less permissive scope for Google integration
  • Fix success message when downgrading a user
  • Use latest Google analytics code
  • Handle deleted users in spam cleaner better
  • Throw an error if a trophy is created without criteria
  • Drop the use of 'assoc' from Twitter and Facebook redirects
  • Fix the max length of the controller name in session activity updates
  • Automatically replace ReCAPTCHA v1 with ReCAPTCHA v2 (NoCaptcha). ReCAPTCHA v1 will be retired in 2018 and will no longer function.
  • Use an alternative approach for sitemap XML URLs due to changes in Google that prevented the old query string approach from being indexed as expected.
  • Improved compatibility with PHP 7.2 in several areas.
  • Fixes and improved compatibility in the IPB importer.
  • Adjust the user upgrade expiration delay to only apply to recurring subscriptions and give a larger grace period to handle larger delays from PayPal.
  • Only trigger the CSS cache for "good" requests to reduce the chance of the cache ballooning.
  • Limit the number of users matched by the admin quick search to avoid memory issues.
  • Improved compatibility with mixed TLS modes when using a proxy server to serve untrusted HTTP requests.
  • When permanently banning a user, automatically move them out of awaiting approval.
  • Add noindex/nofollow to some pages/links that have little value in search engines.
  • Ensure hours/minutes inputs display in the proper order in RTL.
 
Top Bottom