Greetings everyone,
We are pleased to announce the release of phpBB 3.3.11 “Bertie’s trip to Zagreb”. This version is a maintenance release of the 3.3.x branch which increases the minimum required PHP version, adds a new search index progress bar with added statistics, optimizes our support for PHP 8.2, and adds further security hardening.
In order to ensure compatibility with PHP 8 while using the OAuth login, we have decided to increase the minimum required PHP version to PHP 7.2. While some operating system distributions might still be offering long-term support for PHP 7.1, it is no longer possible for us to offer this while supporting current versions of PHP.
The new search index progress bar will keep admins informed about the progress of the search indexing while displaying statistics about the current state like indexed posts and indexing rate. In order to optimize our support for PHP 8.2, we have resolved some deprecations and added improved checks to avert any unexpected side effects due to changed behavior in the latest PHP versions.
As a means to further strengthen the security of phpBB, we have changed how exceeding the maximum number of CAPTCHA attempts are handled. Users who have attempted to solve a CAPTCHA too many times will now have to wait until their session has expired.
Additionally, we have also improved the handling of smiley packs in the ACP. Previous releases did not enforce the smiley format as strictly, enabling admins to potentially add JavaScript code via these. While admins do have some freedoms, we deemed it to not be expected behavior and have added safeguards against this in this new release. We’d like to thank shin24 for contacting us about this issue via HackerOne.
The full list of changes is available in the changelog file within the docs folder contained in the release package. You can find the key highlights of this release below and a list of all issues fixed on our tracker at https://tracker.phpbb.com/issues/?filter=16291
The packages can be downloaded from our downloads page.
The development team thanks everyone who contributed code to this release: rxu, Christian Schnegelberger, battye, toxyy, Matt Friedman, im4bb, Andrii Dembitskyi, Dark❶, LukeWCS, MannixMD, Micha Ober, lionel-rowe
If you have any questions or comments, we'll be happy to address them in the discussion topic.
- The phpBB Team
We are pleased to announce the release of phpBB 3.3.11 “Bertie’s trip to Zagreb”. This version is a maintenance release of the 3.3.x branch which increases the minimum required PHP version, adds a new search index progress bar with added statistics, optimizes our support for PHP 8.2, and adds further security hardening.
In order to ensure compatibility with PHP 8 while using the OAuth login, we have decided to increase the minimum required PHP version to PHP 7.2. While some operating system distributions might still be offering long-term support for PHP 7.1, it is no longer possible for us to offer this while supporting current versions of PHP.
The new search index progress bar will keep admins informed about the progress of the search indexing while displaying statistics about the current state like indexed posts and indexing rate. In order to optimize our support for PHP 8.2, we have resolved some deprecations and added improved checks to avert any unexpected side effects due to changed behavior in the latest PHP versions.
As a means to further strengthen the security of phpBB, we have changed how exceeding the maximum number of CAPTCHA attempts are handled. Users who have attempted to solve a CAPTCHA too many times will now have to wait until their session has expired.
Additionally, we have also improved the handling of smiley packs in the ACP. Previous releases did not enforce the smiley format as strictly, enabling admins to potentially add JavaScript code via these. While admins do have some freedoms, we deemed it to not be expected behavior and have added safeguards against this in this new release. We’d like to thank shin24 for contacting us about this issue via HackerOne.
The full list of changes is available in the changelog file within the docs folder contained in the release package. You can find the key highlights of this release below and a list of all issues fixed on our tracker at https://tracker.phpbb.com/issues/?filter=16291
The packages can be downloaded from our downloads page.
The development team thanks everyone who contributed code to this release: rxu, Christian Schnegelberger, battye, toxyy, Matt Friedman, im4bb, Andrii Dembitskyi, Dark❶, LukeWCS, MannixMD, Micha Ober, lionel-rowe
If you have any questions or comments, we'll be happy to address them in the discussion topic.
- The phpBB Team
Statistics: Posted by Marc — Sun Oct 22, 2023 12:48 pm — Replies 2 — Views 71426