Publify 8.0.2 - Security and bug fixes

@fdv fdv released this Sep 14, 2014 · 1102 commits to master since this release

Released Sunday September the 14th, Publify 8.0.2 is the result of a bug squashing session.

Thank you to our contributors Alexander Markov, Benoit C. Sirois, Hans de Graaff, Soon Van, Tor Helland and Nicolas Bianco.

CVE-2014-3211

Très Acton has discovered a risk of denial of service by memory exhaustion in the way Publify comments user input are parsed.

Other bugs

When using the more tag, articles content is displayed twice (#423 and #474)

The editor save bar jumps up and down when typing with inconsistent behavior (#428).

The help messages can't be hiden (#429)

Avatars in the Dashboard's last comments block are not inline with the comment. (#431)

Dashboard inbound links widget is broken (#432)

The admin / content search does not bring anything back (#433)

The content and page editor layout are not consistent (#442, #453)

When creating a post, tags are shown in white on white (#443)

The articles date picker does not allow to change the time the article is published (#444)

Using the articles date picker results in a 500 error (#445)

Marking content as spam using the thumb icon results in a 500 error (#447)

Media library: the JS refactoring removed the lightbox (#454)

Admin / sidebar: trying to remove a sidebar item does not work (#455, #473)

Admin / sidebar: the help box should be in a blue block (#456)

Lots of unused assets to clear (#475)

Cancel links are not displayed correctly (#482)

File upload is broken (#488)

Fixes link caching issue (All cached links are the same basically)

Use a relative image path for blogs installed outside of the site root

Fixes archives page caching

Feature and improvement

Improved Russian, Norwegian and French translations

Upgrade to Rails 3.2.18

Add support for a human.txt

Downloads