ElkArte 1.0.8 and 1.0.9 released


Bugs Developer
Feb 27, 2013
Today double announcement: 1.0.8 is a security patch that was released the 31st of July, and today we have released a new version to fix a couple of issues in the 1.0.8 code not found during testing.

1.0.8 release announcement:
Today, we are pleased to release ElkArte 1.0.8. This release fixes a security issue related to the unserialize php function (related to CVE-2016-5726 and CVE-2016-5727). The release fixes also some bugs that were found or reported since the release of 1.0.7. As this is a security release, it is extremely important to update for everyone running ElkArte.
If you are running a version prior to 1.0.7, the recommended procedure is install any update since 1.0.7 and then the 1.0.8 patch.

Apart from fixing the security issue, some notable updates in 1.0.8 include:
* stopped using INET_ATON and INET_NTOA to improve IPv6 handling,
* fixed YouTube embedding URLs to avoid problems in certain conditions,
* fixed editing of polls with expiration date,

This release follows our semantic version (MAJOR.MINOR.PATCH), meaning that third-point (x.x.X) releases should contain backwards-compatible bug fixes and enhancements, so for the most part you will not find new features in this release. Major new features will be reserved for second point versions (x.X.x).

Refer to the release notes on the forum for a complete list of updates.

Original source: http://www.elkarte.net/community/index.php?topic=3904.0

I'll skip the 1.0.9 announcement because it's basically the same (but you can find it here, just remember to install both patches!