Once again we have two sister releases: 1.8.7 "Tokyo" and 1.9.2 "Kyoto".
They both include additional security enhancements over the previous versions.
Although the addressed issues are not very likely to be exploited in a meaningful way, we still recommend that you upgrade for maximum security.
Version 1.9.2 "Kyoto" irons out the glitches remaining in the 1.9.x branch and we now consider 1.9.2 to be our new stable release. You may want to take this opportunity to upgrade to 1.9 if you're still using 1.8.x or an older version.
Happy New Year to everyone!
And if you're a b2evolution blogger, I foresee 2007 will be a great year for you!
From where I stand, I see an upcoming 2.0 release this year, featuring many of the most requested features, plus a couple more that you may not have expected.
Before that, we'll also release a stable 1.9.x version, which should feature a new selection of default plugins.
And right now, you may have noticed, we have cleaned up the website a little bit. Most obviously, the home page now has the news in a prominent place. That's not just a design decision; that's also because we expect more news this year than ever before... Stay tuned!
In the meantime, the whole evoteam wishes you the best blogging year you can possibly make!
I am sorry to report that our forums server (the one in New Zealand) crashed... and crashed pretty bad... most recent backups included
The forums are back online but, unfortunately, the most recent backup we could restore is from Dec 18. While we've had it worse in the past, we still hope to do better in the future. Anyway, if you asked for help recently and you can't find your post, don't get mad, your post has *not* been deleted... it unfortunately got lost. Please post again.
On a related note, you may have noticed that the main b2evolution.net site (that one hosted in the US) has suffered some (a little bit too frequent) outages during the last weeks/months. In an attempt to improve this, we have just moved the site to a new server. (Hopefully it gets better... if you notice a difference, please let us know...)
If you can read this, you are reading off the new server!
Only December the 2nd and we already have 2 new releases this month! It may seem as we can't get enough releases out the door. But these ones are for your security, so...
It is extremely strongly advised you upgrade!
These releases patch the security issue discovered this week in 1.x releases. (If you are running version 0.9.1 or 0.9.2 you are not affected, but it would still be a good idea to upgrade.)
Those versions are codenamed after Anne & Chris who were the first two users reporting the issue. Thanks to both of you as well as to all other users who have helped identifying and fixing this issue in such a short delay.
These versions also include additional security measures, just in case. Sort of having two locks on your door instead of one.
Bonus in version 1.8.6 "Anne": Yearly archives are back. You can display all posts for 2005 with your-blog-url?m=2005
Bonus in version 1.9.1-beta "Chris": a few little bug fixes that make this version less of a beta than 1.9.0
Well, it's been a long time since the last security alert, but every now and then someone finds a security hole and it gets exploited...
This one doesn't affect b2evolution in itself but the Movable Type Importer as shipped with b2evolution since version 1.6. So, in effect, this security issue affects all versions of b2evolution since 1.6.
The good news is that it is very easy to secure your b2evolution installation before it gets hit by an attack: just delete the Movable Type Importer (you don't need it. It is only used *during* the import if you have migrated from MT to b2evo).
In b2evo versions 1.x, delete this file from your server:
In b2evo versions 0.9.x, you don't need to do anything, you're not affected by this issue. Your version is aging though, and you should consider upgrading as soon as we release 1.8.6.
Older versions: you are not affected by this issue, however your version is so old that you may be affected by other issues. It is strongly advised to upgrade.
Version 1.9.0 is now available for download on SourceForge.
This has been in the works for quite a few months now and includes many new features. Enough good features to make you feel like it's Christmas before Christmas! But don't take our word for it. Go check it out!
It is a beta version but if you're not afraid of occasionally patching a quirk or two, it is probably stable enough to be run on production (we do so on several sites).
Otherwise, the rock stable version 1.8.5 is still the recommended stable release.
Translators: this new version includes new strings. Now would be a good time to update your language packs and send them in! New translations or alternative translations to existing ones are welcome too!
New features you may like include:
Plugin enhgancements include:
And for more details about additional fixes and improvements, please refer to /doc/changes.html within the downloaded ZIP file.