A new release for phpList is now available for download. You can use the Automatic Updater to upgrade your installation to the latest version or get a copy of the new release from SourceForge for a manual upgrade.
Fixes to look for:
- Dashboard page title has been renamed from “Upgrade phpList” to “Update database” to avoid confusion. Thanks to @hktang for the Pull Request .
- Session fixation: The application now generates a new session key upon authentication to avoid unauthenticated users to obtain key on a legitimate user.
- Sanitise the browser trail cookie to prevent cross-site scripting.
Need help upgrading your phpList server to the most recent version? Ask the community at discuss.phplist.com. Professional support from community experts, as well as manuals, source code, and developer resources, can be found at phplist.org. Report bugs to the bugtracker!
This release is the work of @hktang and other Open Source community members who have submitted bug reports, security reports and valuable feedback, as well as phpList Ltd developers. To get involved in phpList development, check out the developer resources pages.
To get involved in phpList development, check out the developer resources pages.