Foswiki 2.0.2 available for download.

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Foswiki 2.0.2 available for download.

George (Foswiki)

Foswiki 2.0.2 is available!

Hello Foswiki Community,

We are very pleased to announce that Foswiki 2.0.2 is available for download.  Nearly 7 years ago, November 19th, 2008, the Foswiki name was announced. Since then, the project has made approximately 22 releases of Foswiki. This release builds upon the collective effort of many developers and sponsors across the 7 year project history.  Foswiki 2.0.2 was built on 30 September 2015.

Highlights of this release

  • 65 fixes and 5 enhancements
  • Major performance bug fixed in Query search. Some sites have seen 350% improvement.
  • Several "Severity 3" security issues fixed. Documented in tasks per the Foswiki security process.
  • Configuration wizard added to incorporate manually installed extensions and check for configuration errors from the command line.
See ReleaseNotes02x00 for complete release notes. See FoswikiRelease02x00x00 for highlights of the 2.0 release.

For users:

  • Several significant compatibility fixes to the EditRowPlugin make it much more viable as a replacement for the EditTablePlugin

For administrators:

  • Security fixes:
  • Note that access to these tasks is currently restricted to give sites time to update.  The following actions are recommended:  These actions are needed to block possible Cross Site Script (XSS) attacks.

    • If your site has enabled Guest commenting (not a default configuration) then after installation of this update, any customized comment templates need to be carefully reviewed.  Any instances of encode="off" found in the output templates should be changed to encode="$encodeguest".  This fix is available to older releases using the latest CommentPlugin from the Extensions web.

    • After installation of 2.0.2. any topics containing %URLPARAM% macros should be reviewed.  We recommend that any broswer input be entity encoded.  %URLPARAM{"somefield" encode="entity"}%.   Foswiki 2.0.2 has enhanced this to permit combinations of encodings.   %URLPARAM{"somefield" encode="quote, entity"}%.  The Foswiki 2.0.2 SEARCH macro has a new feature to undo any parameter encoding,   So when used with SEARCH, we recommend the following: %SEARCH{"%URLPARAM{"somefield" encode="quote, entity"}%" decode="entity"}%   Used in this way, it permits searching for literal strings containing any characters without introducing any XSS paths.

      Caution: The changes to %URLPARAM macro are not backwards compatible with prior versions of Foswiki. JQueryPlugin (not yet uploaded) and TipsContrib will require patches to Foswiki 1.x and 2.0. to be compatible.

Translation status

As of this release,
  • Traditional Chinese, Danish, French, German and Italian are >99% complete.
  • Czech is >96% complete.
  • Dutch, Norwegian, and Portuguese (Brazil) are 70-88% complete.
  • Other languages are 60% complete or lower.
For more details on translation status, see Community.TranslationTeam and Foswiki's Weblate translation server. Foswiki is now using continuous translation, so contributions at any time are very helpful. The Foswiki community thanks the Translators for their Herculean efforts. If you are interesting in helping with the translation, please contact [hidden email].

On behalf of the entire Foswiki project community,  special thanks and VirtualBeer to everyone who made this new release possible.

George Clark
Release Manager, Foswiki 2.0

Konsole outp

Foswiki-discuss mailing list
[hidden email]