Releases: ClassicPress/ClassicPress-release
ClassicPress 2.1.1
ClassicPress 2.1.1 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 2.1.0
Minor changes and bugfixes since 2.1.0
- Change the prompt for clarity when incompatible plugins and themes are detected
- Cleaned up files removed for the core codebase in 2.1.0
- Install the new ClassicPress Theme
Build and Testing Changes
- Update contributing.md with testing and install information
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 2.1.0
ClassicPress 2.1.0 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 2.0.0
New features
- Added a new default ClassicPress theme
- Added Directory dashboard widget
Minor changes and bugfixes since 2.0.0
- Transitioned to SortableJS for Media, Metaboxes and Media
- Fixed
open_basedirwarning in Editor when using TinyMCE plugins - Backport implementation of modern PHP string functions including polyfill
- Restored automatic installation for WordPress Import Tool
- Replaced jQuery UI Autocomplete in datalists
- Replaced jQuery UI dependency in color picker
- Replaced jQuery UI dependency in Revisions slider
- Added option to configure site icons in general settings
- Order attachments by date rather than ID
- Fixed console errors introduced by changes in
script-loader.php - Backport introducing hooks for deleting by post_type
- Introduce filter for classicpress.net URLs in API requests
- Fixed modal not closing when plugins are updated
- Fixed console errors in Customizer
- Fixed tabbing out of media modals
- Removed legacy Adobe Flash code
- Updated
setcookie()calls to include Samesite and array structure - Updated mediaelement.js to v7.0.3
- Updated PHPMailer to 6.9.1
- Backport preventing exposure of private post type slugs
- Fixed metaboxes for non-hierarchical taxonomies
- Added UI to facilitate User Taxonomies
- Added default Media Taxonomies
- Update general-template.php to add enterkeyhint="search" to search-form
- Backport fixing implicit nullable parameter type deprecation on PHP 8.4
- Added more helpful notice when attempting to publish an empty post
- Added Admin Bar notice when
WP_DEBUGis true - Added a filter to the comment template form tag
- Added option to upload media by year alone
- Backport to initialize the $checkout variable in WP_Automatic_Updater::is_vcs_checkout()
- Updated theme.php to use correct deprecation function for HTML5
- Updated translation file API endpoint
- Use correct checksum endpoint in Site Health
- Invalidate opcache for translation-install.php during upgrade
- Backport to fix get_sample_permalink returning the right permalink
Build and Testing Changes
- Conditionally minimize images during build only on Linux to avoid commit pollution
- Extended testing to include PHP 8.2 and 8.3
- Extended Testing to include MySQL 8.0
- Updated PHPUnit object cache testing and implement broader testing on PHP versions
- Fixed skipped QUnit tests due to delayed rendering
- Remove unnecessary use of utf8_encode() in KSES tests to fix PHP deprecation notice
- Added $fixture_replacements for media categories to avoid generated wp-api-generated.js changes in testing
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 1.7.3
ClassicPress 1.7.3 is available now - use the "Source code (zip)" file below.
This release is a maintenance release in the v1 branch. You are encouraged to update your ClassicPress sites to v2 so you can benefit from continued development efforts and any future security fixes.
Here are the highlights from this release:
Notable changes since ClassicPress 1.7.2
- Applied a fix to wp-cli to bring $cp_version into scope
- Added v2 release information to Dashboard widget
- Updated back ported security notes
- Updated license text
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 2.0.0
ClassicPress 2.0.0 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.7.2
This release is a re-fork based on WordPress 6.2.x so brings ClassicPress a host of new features such as Site Health.
In addition, this version also includes:
- HTML5 as the default content output
- Efficiency enhancements made in WordPress 6.3.x
- Modern browser approaches for Widgets, Nav Menus and Meta Boxes
- Added navigation buttons to content editing screens
- Upgraded PHPMailer library
- Fixed deprecated jQuery message in bundled themes
- Build, Test and Dependency upgrades and updates
- Compatibility fix with WooCommerce v3.9.x
- m4tuto for finding a PHP File Upload bypass via Plugin Installer (requiring admin privileges).
- @_s_n_t of @pentestltd working with Trend Micro Zero Day Initiative for finding an RCE POP Chains vulnerability.
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 1.7.2
ClassicPress 1.7.2 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.7.1
- m4tuto for finding a PHP File Upload bypass via Plugin Installer (requiring admin privileges).
- @_s_n_t of @pentestltd working with Trend Micro Zero Day Initiative for finding an RCE POP Chains vulnerability.
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 2.0.0-rc1
ClassicPress 2.0.0-rc1 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.7.1
This release is a re-fork based on WordPress 6.2.x so brings ClassicPress a host of new features such as Site Health.
In addition, this version also includes:
- HTML5 as the default content output
- Efficiency enhancements made in WordPress 6.3.x
- Modern browser approaches for Widgets, Nav Menus and Meta Boxes
- Added navigation buttons to content editing screens
- Upgraded PHPMailer library
- Fixed deprecated jQuery message in bundled themes
- Build, Test and Dependency upgrades and updates
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 1.7.1
ClassicPress 1.7.1 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.7.0
- Marc Montpas of Automattic for finding a potential disclosure of user email addresses.
- Marc Montpas of Automattic for finding an RCE POP Chains vulnerability.
- Jb Audras of the WordPress Security Team and Rafie Muhammad of Patchstack for each independently discovering an issue where comments on private posts could be leaked to other users.
- John Blackbourn (WordPress Security Team), James Golovich, J.D Grimes, Numan Turle, WhiteCyberSec for each independently identifying a way for logged-in users to execute any shortcode.
- mascara7784 and a third-party security audit for identifying a XSS vulnerability in the application password screen.
- Jorge Costa of the WordPress Core Team for identifying XSS vulnerability in the footnotes block.
- s5s and raouf_maklouf for independently identifying a cache poisoning DoS vulnerability.
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 1.7.0
ClassicPress 1.7.0 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.6.0
Minor changes and bugfixes since 1.6.0
- Add a deprecation notice for XHTML theme syntax
- Fix a potential issue in plugin modal including a WordPress backport
- Fix failing PHPUnit test
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 1.6.0
ClassicPress 1.6.0 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.5.3
New features since 1.5.3
New Dashboard widget raising awareness of ClassicPress 2.0.0 development
Deprecation Notice: the minimum supported version of PHP will be 7.4 in ClassicPress 2.0.0
Minor changes and bugfixes since 1.5.3
Security Page will be hidden by default unless it is used
The Petitions widget has been retired and removed
Backports of upstream enhancements
– Add support for Enums in is_serialized()
– Disable auto-correct when bulk editing slugs
– Prevent excessive trimming of names in email “From” headers
– Correct the check for non-existing post in get_post_permalink()
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub:
ClassicPress 1.5.3
ClassicPress 1.5.3 is available now - use the "Source code (zip)" file below.
Here are the highlights from this release:
Notable changes since ClassicPress 1.5.2
This release is a maintenance and security release.
The security team would like to thank the following people for responsibly reporting vulnerabilities, and allowing them to be fixed in this release.
- A CSRF issue updating attachment thumbnails; reported by John Blackbourn of the WordPress security team
- A flaw allowing XSS via open embed auto discovery; reported independently by Jakub Żoczek of Securitum and during a third party security audit
More information
See the release announcement post on our forums for more details, or have a look at the full changelog here on GitHub: