phpBB 3.3.11 Release

Read me first before posting anywhere!
Subscribe to the feed, available in Image Atom or Image RSS format.
Scam Warning
User avatar
Marc
Development Team Leader
Development Team Leader
Posts: 5724
Joined: Tue Oct 30, 2007 10:57 pm
Location: Munich, Germany
Name: Marc

phpBB 3.3.11 Release

Post by Marc »

Greetings everyone,

We are pleased to announce the release of phpBB 3.3.11 “Bertie’s trip to Zagreb”. This version is a maintenance release of the 3.3.x branch which increases the minimum required PHP version, adds a new search index progress bar with added statistics, optimizes our support for PHP 8.2, and adds further security hardening.

In order to ensure compatibility with PHP 8 while using the OAuth login, we have decided to increase the minimum required PHP version to PHP 7.2. While some operating system distributions might still be offering long-term support for PHP 7.1, it is no longer possible for us to offer this while supporting current versions of PHP.

The new search index progress bar will keep admins informed about the progress of the search indexing while displaying statistics about the current state like indexed posts and indexing rate. In order to optimize our support for PHP 8.2, we have resolved some deprecations and added improved checks to avert any unexpected side effects due to changed behavior in the latest PHP versions.

As a means to further strengthen the security of phpBB, we have changed how exceeding the maximum number of CAPTCHA attempts are handled. Users who have attempted to solve a CAPTCHA too many times will now have to wait until their session has expired.

Additionally, we have also improved the handling of smiley packs in the ACP. Previous releases did not enforce the smiley format as strictly, enabling admins to potentially add JavaScript code via these. While admins do have some freedoms, we deemed it to not be expected behavior and have added safeguards against this in this new release. We’d like to thank shin24 for contacting us about this issue via HackerOne.

The full list of changes is available in the changelog file within the docs folder contained in the release package. You can find the key highlights of this release below and a list of all issues fixed on our tracker at https://tracker.phpbb.com/issues/?filter=16291

The packages can be downloaded from our downloads page.

The development team thanks everyone who contributed code to this release: rxu, Christian Schnegelberger, battye, toxyy, Matt Friedman, im4bb, Andrii Dembitskyi, Dark❶, LukeWCS, MannixMD, Micha Ober, lionel-rowe

If you have any questions or comments, we'll be happy to address them in the discussion topic.

- The phpBB Team
User avatar
Marc
Development Team Leader
Development Team Leader
Posts: 5724
Joined: Tue Oct 30, 2007 10:57 pm
Location: Munich, Germany
Name: Marc

phpBB 3.3.11 Release - Release Highlights

Post by Marc »

Release highlights
  • Notable Improvements
  • Notable Changes
    • Replace OAuth library with PHP8 compatible version: PHPBB3-16877
  • Notable Bugfixes
    • Who is online incorrectly reporting location: PHPBB3-17107
    • Youtube profile field not supporting latest formats: PHPBB3-17129
  • Hardening
    • Limit CAPTCHA attempts at registration for single session
    • Escape smilies URL and prevent paths in .pak filename
User avatar
Marc
Development Team Leader
Development Team Leader
Posts: 5724
Joined: Tue Oct 30, 2007 10:57 pm
Location: Munich, Germany
Name: Marc

phpBB 3.3.11 Release - Event Changes

Post by Marc »

Event changes

PHP Events
  • None
Template Events
  • viewtopic_body_postrow_content_before
    Prosilver Placement: viewtopic_body.html
    Added in Release: 3.3.11-RC1
    Explanation: Add content before the message content in topics views

ACP Template Events
  • None

Return to “Announcements”