Jump to content

Invision Community 4.6.5.1

Released 08/12/2021


Key Changes

This is a maintenance release for Invision Community 4.6.

Additional Information

Security

  • Increased the strength of the obfuscation hash appended to non-safe files and increased security on iFrame based embeds in posts.*

Core

  • Added support for Brightcove video embeds.
  • Improved MySQL efficiency when deleting members.
  • Set a default value for the search flood time when creating a member group.
  • Improved logging for errors returned by Elastic Search.
  • Added delete & merge logic for the logins log on member deletion and when 2 accounts are merged.
  • Fixed an issue when upgrading to 4.5.0 with duplicate keys when consolidating the referrer tables.
  • Fixed downloading files with non-latin character downloaded with corrupt characters in Edge and Chrome.
  • Fixed broken links in the our picks widget.
  • Fixed an issue where the Oauth1 Login Handler would use a not existing method to log any upcoming errors.
  • Fixed the rank title not displaying correctly in new rank notification emails.
  • Fixed an issue where it was not possible to alter file storage configurations in some circumstances.
  • Fixed an issue where achievements would show in a hovercard for a member in a group that has achievements disabled.
  • Fixed an issue where badge images could be uploaded with the same name, thus deleting one could delete many.
  • Fixed an issue where ranks show on the AdminCP member list when Achievements are disabled.
  • Fixed an issue where anonymous users may be cached in Who's Online blocks.
  • Fixed an issue where a reserved keyword is used (specific to MySQL 8.0.17/18)
  • Fixed an issue with Elastic Search not being able to index anonymous content.
  • Fixed incorrect timezone detection for users in Argentina.
  • Fixed an issue where the notifications page could throw an exception while trying to return notification data from plugins or not existing notification extensions.
  • Fixed inability to upload WebP images to Group Icons and Ranks/Badges.
  • Made a minor change to ensure the registration page is not cached by a web browser.
  • Expired warning points are now differentiated between active warning points in member profiles for improved clarity.

Pages

  • Fixed an issue when creating a record in the Admin CP and choosing another member as the author would not fire achievements for that author.
  • Fixed an error attempting to copy a topic to a database that is not on a page.
  • Fixed some missing language strings which would result in a failure while creating a review.

Forums

  • Fixed an issue where Topics would not refresh when selecting Forums in Fluid view.
  • Fixed malformed JSON-LD markup for archived topics.
  • Fixed an issue where parent was required but not marked required when updating a forum via REST API.
  • Fixed an issue where legacy deleted posts are not removed correctly when upgrading from Invision Community 3.x.

Downloads

  • Fixed an issue where copying a topic to a database would result in an IN_DEV CSRF key warning.
  • Set a default value for the 'Time user must wait before download starts' group setting while creating a member group.
  • Fixed an issue where a large file description may not save if it is larger than 64kb.

Converters

  • Added Invision Community converters for Downloads & Gallery.
  • Fixed some minor issues encountered during an Invision Community conversion.

Commerce

  • Fixed an issue where the Billing Agreements synchronisation task wouldn't check payments via PayPal Subscriptions API.

REST / OAuth

  • Fixed the members/follows POST endpoint which would return an error when trying to follow some content.

Calendar

  • Fixed an issue where copying a calendar event with a broken cover image would result in an exception.

* An independent security researcher, Simon Scannell, has reported this vulnerability to the SSD Secure Disclosure program



×
×
  • Create New...