XOOPS: XOOPS 2.5.6 RC 1 Released for Testing on PHP 5.4

Posted by: MambaOn 2013/3/27 18:00:00 8570 reads
After close to 45,000 downloads of XOOPS 2.5.5, we're getting closer to release of our next version: XOOPS 2.5.6

As more and more hosts are switching to PHP 5.4.x, some of our users are having issues with XOOPS 2.5.5, since it was not certified for PHP 5.4.x

Therefore we will be releasing XOOPS 2.5.6, that will run without any problems on PHP 5.4.x

Please note: the fact that the XOOPS Core runs correctly on PHP 5.4.x, doesn't mean that all your modules will run correctly, therefore you'll need to test them.

However, the recently released modules that qualify for our Basic Module Pack, are all tested on PHP 5.4.13, and they should run just fine.

There will be more modules coming soon (see this list)

For all others, please let us know about any issues you might have.

Download: SourceForge File Repository.

Please remember: This is RC Release version for features testing only!!!!

DO NOT install it on a production site and DO NOT upgrade any production site with it!!!

Please post and discuss all issues related to this release in this thread


XOOPS Development Team
March 27th, 2013

Changelog for RC1:

Quote:
Bugfixes:
- Array to string conversion (geekwright/mamba)
- issues with missing xoopscomments table (geekwright/sabahan/Mamba)
- bug with using reference for non-variables (geekwright/mamba)
- number of users when "all groups" selected was wrong (tatane/mamba)
- fix for potential lack of rendering css and javascript in Installer on the last screen (culex)
- fix for missing Protector logo under PHP 5.4 (mamba)
- replacing ereg with preg_match in userutility.php (pmartina/paul)
- #1219 dhtmltextarea editor accent not displayed (cesag/alain091)
- added missing call for user language in /profile/index.php (xoobaru/zyspec)

Security fixes
- XSS/CSRF vulnerability in system/admin/groupperm.php (Dingjie Yang,Qualys/trabis)
- XSS/CSRF vulnerability in system/modulesadmin/main.php (Dingjie Yang,Qualys/trabis)
- XSS/CSRF vulnerability in system/admin/blocksadmin/main.php (Marcin,Ariko-Security Team/trabis)
- LFI vulnerability in system/admin/tplsets/jquery.php (Marcin,Ariko-Security Team/trabis)