Releases
XenForo Releases
1 file
-
XenForo 2.3.7 Released Full | XenForo 2.3.7 Nulled
By cambaz
RAR PASS: CRACKFRM.ORG
XenForo 2.3.7 is now available for all licensed customers to download. We strongly recommend that all customers running previous versions of XenForo 2.3 upgrade to this release to benefit from increased stability.
In addition to the usual fixes and improvements, XenForo 2.3.7 also includes a critical security fix to ensure the security of Passkeys that have been added to your account. We'd very much like to thank Jai Niresh J for reporting this issue via Eric and team at Hypixel Inc.. Between them they also reported a less severe issue related to local account page caching on shared systems.
This version also tightens up the kinds of methods that can be called from within templates, evolving from a loose "prefix" match to a stricter "first word" match of methods that can be called through callbacks and variable method calls. This fix is courtesy of Cyanide who we extend huge thanks to in taking the time to report this to us.
We'd also like to take this opportunity to notify all third party developers that writing database queries inside templates is not recommended. While this is still allowed in XenForo 2.3.7, the behaviour is now considered deprecated and will be prevented in XenForo 2.3.8. Code which currently triggers this will insert an error into the Server error log and must be fixed prior to the release of XenForo 2.3.8. Where possible, data must be queried and processed and passed into the template rather than being written inside the template itself.
Finally, we'd like to thank @TickTackk for reporting a path disclosure issue in exceptions thrown due to open_basedir restrictions.
If you are a XenForo Cloud customer, a fix has been rolled out automatically, and no further action is required to address this issue.
We recommend doing a full upgrade to resolve the issue, but a patch can be applied manually. See below for further details.
Upload patch files
Download 237-patch.zip
Extract the .zip file
Upload the contents of the upload directory to the root of your XenForo installation
Note: If you decide to patch the files instead of doing full upgrades, your "File health check" will report these files as having "Unexpected contents". Because these files no longer contain the same contents your version of XF was shipped with, this is expected and can be safely ignored.
As always, new releases of XenForo are free to download for all customers with active licenses, who may now grab the new version from the customer area or upgrade from your Admin control panel (Tools > Check for upgrades...).
One-click upgrade to XenForo 2.3.7
Directly from your admin control panel
If you are a XenForo Cloud customer, your upgrade will be scheduled automatically.
Some of the changes in XF 2.3.7 include:
Escape select input option labels
Improve supported EXIF data when client-side image resizing is enabled
Allow fetching forum prefixes even without node permissions
Normalize entity manager repository cache keys
Fix IPv6 binary to string expansion
Fix appearance of member tooltip on recent Safari versions
Use text structured data field for DiscussionForumPosting content
Require confirmation for linking connected accounts
Suppress logging of normal connected account exceptions
Clear site cache data when logging out
Move XF.SolutionEditClick into action.js to resolve dependency issues
Fix carousel margin on RTL languages
Expand global email template parameters
Adjust wording of account approval phrases
Improve typing of repository find methods
Fix issue with missing verbosity when casting collections to webhook results.
Avoid logging errors when IndexNow is having intermittent issues
Delete related user alerts when a trophy is deleted
Add support for viewing and revoking a user's authorised applications from the admin panel
Handle nulls and empty-evaluated strings properly
Detect Google Inspection Tool crawler
No longer create user fields by default during install.
Fix manual video thumbnail generation on iOS
Remove legacy Imagick GIF optimization technique
Display search suggestions properly when results contain guest content
Fix lift ban link on ban edit page
Render all activity summary display values in the user language
Set default Accept-Language header in outgoing HTTP requests
Allow overriding avatar usernames when a user is specified
Fix generated entity type hints for JSON columns
The following public templates have had changes:
carousel.less
connected_account_macros
core_datalist.less
featured_content_item
member_ban_edit
member_tooltip.less
message.less
post_macros
register_connected_account_confirm
style_variation_macros
whats_new_wrapper
Where necessary, the merge system within the "outdated templates" page should be used to integrate these changes.
As always, new releases of XenForo are free to download for all customers with active licenses. You may now upgrade from your admin control panel or grab the new version from the customer area.
Current requirements
Please note that XenForo 2.3 has higher system requirements than earlier versions.
The following are minimum requirements:
PHP 7.2 or newer (PHP 8.3 recommended)
MySQL 5.7 and newer (Also compatible with MariaDB/Percona etc.)
All of the official add-ons require XenForo 2.3.
Enhanced Search requires at least Elasticsearch 7.2.
Installation and upgrade instructions
Full details of how to install and upgrade XenForo can be found in the XenForo 2 Manual. We strongly recommend upgrading directly from within your control panel.
1 download
(0 reviews)0 comments
Submitted