Foswiki Release 1.1.9
Foswiki - The Free and Open Source Wiki
Foswiki is an enterprise collaboration and information sharing tool targeted for professional use in many types of organizations: from small businesses to multi-nationals, from one-product open source groups, to worldwide research networks.
Foswiki is a wiki: fundamentally, a website with editable web pages. It looks like a normal web site but it encourages contributions, edits, updates, questions, and answers from its users. It's a powerful way of enabling a community to communicate asynchronously using intranet and public internet websites. Foswiki is simple to learn and use. It aims to provide a transparent way for you to publish and exchange your ideas with others over the web and eliminates the one-webmaster syndrome of outdated intranet content.
Foswiki is a structured wiki with tools that enable users without programming skills to build powerful yet simple applications to process information and support workflows. Developers can extend the functionality of Foswiki with plugins.
Foswiki is the old TWiki project under a new name. Restrictions on the use of the TWiki brand resulted in many of its developers continuing the project under the new Foswiki name. Foswiki is backwards compatible with all content from older TWiki installations. Foswiki 1.1 ships with a TWikiCompatibilityPlugin, thus enabling most extensions made for TWiki to work under Foswiki. Since the start of the Foswiki project there have been several releases of TWiki. However, there have been very few functionality changes, and the useful changes have all been tracked in Foswiki, so topics and wiki applications supported by TWiki should also work with Foswiki.
Foswiki is released under the GNU General Public License.
Foswiki Releases
- Foswiki 1.0.0, the first Foswiki was released on 09 Jan 2009.
- Foswiki 1.0.1, 1.0.2 and 1.0.3 were released internally in the development community, but were never publicly released.
- Foswiki 1.0.4 was built 19 Mar 2009. It is a patch release with more than 120 bug fixes relative to 1.0.0 and only very few minor enhancements.
- Foswiki 1.0.5 was built 25 Apr 2009. It is a patch release with more than 150 bug fixes relative to 1.0.0 and a few enhancements. This patch release further enhances the robustness and the security of the Foswiki software.
- Foswiki 1.0.6 was built 21 Jun 2009. It is a patch release with more than 200 bug fixes relative to 1.0.0 and some enhancements. This version introduces a major enhancement in security against Cross-Site Request Forgery. Furthermore, a central translation framework was introduced, which eases the translation process and enables all users to contribute to translations.
- Foswiki 1.0.7 was built 20 Sep 2009. It is a patch release with more than 240 bug fixes relative to 1.0.0 and some enhancements. This release fixes some serious issues introduced by the CSRF fix and the redirect cache fix in 1.0.6. A major enhancement, which also fixes many annoying editor bugs, is the upgrade of the Tiny MCE editor to version 3.2.2.
- Foswiki 1.0.8 was built 29 Nov 2009. It is a patch release with more than 280 bug fixes relative to 1.0.0 and some enhancements. This release fixes a short list of quite annoying old bugs, including a bug that prevented efficient use of MailerContrib for producing newsletters. The Wysiwyg editor has been upgraded with the latest Tiny MCE editor release 3.2.7.
- Foswiki 1.0.9 was built 17 Jan 2010. It is a patch release with more than 320 bug fixes relative to 1.0.0 and several enhancements. This release fixes many bugs in the Wysiwyg editor, bugs related to more advanced wiki applications and bugs in the Plugin API. It contains several bug fixes and enhancements related to security and spam fighting.
- Foswiki 1.0.10 was built 08 Sep 2010 as a patch release with more than 410 bug fixes relative to 1.0.0. It is assumed to be the last 1.0.X release.
- Foswiki 1.1.0 was built 04 Oct 2010. It is a release with more than 270 bug fixes relative to 1.0.10 and more than 680 bug fixes relative to 1.0.0. The release also adds more than 100 enhancements. Foswiki 1.1.0 introduces the jQuery JavaScript user interface framework, improved topic history display, new QUERY and FORMAT macros, better user interfaces for groups, a much improved WYSIWYG editor, a facelift of the default skin, a much improved configure tool, and many more enhancements.
- Foswiki 1.1.1 was built 25 Oct 2010. It is a release that fixes some important bugs that were introduced in 1.1.0. It is highly recommended that all sites running 1.1.0 upgrade to 1.1.1.
- Foswiki 1.1.2 was built 09 Nov 2010. It is a release that fixes some very important bugs incl. a security related bug. Installations running 1.1.0 and 1.1.1 should be upgraded to 1.1.2.
- Foswiki 1.1.3 was built 16 Apr 2011. It is a release that fixes more than 150 bugs. jQuery has been updated to 1.4.3. The default PatternSkin has some usability improvements.
- Foswiki 1.1.4 was built 20 Dec 2011. It is a release that fixes some very important issues including some security related issues. It contains 143 fixes and 27 enhancements. jQuery has been updated to 1.7.1.
- Foswiki 1.1.5 was built 10 Apr 2012. It is a release that fixes some very important issues including some security related issues. It contains 100 fixes and 20 enhancements.
- Foswiki 1.1.6 was built 02 Dec 2012. It is a release that fixes some important issues including some minor security related issues. It contains 94 fixes and 27 enhancements.
- Foswiki 1.1.7 was built 01 Feb 2013. It is a release that fixes CVE-2012-6329 and CVE-2012-6330. It contains 20 fixes and 4 enhancements.
- Foswiki 1.1.8 was built 28 Feb 2013. It is a release that fixes CVE-2013-1666. It contains 4 fixes.
- Foswiki 1.1.9 was built 18 Nov 2013. It is a release that contains 44 fixes and 4 enhancements.
Pre-installed Extensions
Foswiki 1.1 ships with the following:
- Plugins: AutoViewTemplatePlugin, CommentPlugin, EditTablePlugin, EmptyPlugin, HistoryPlugin, InterwikiPlugin, JQueryPlugin, PreferencesPlugin, RenderListPlugin, SlideShowPlugin, SmiliesPlugin, SpreadSheetPlugin, TablePlugin, TinyMCEPlugin, TwistyPlugin, WysiwygPlugin
- Contribs: CompareRevisionsAddOn, FamFamFamContrib, JSCalendarContrib, MailerContrib, PatchFoswikiContrib, TipsContrib, TopicUserMappingContrib
- Skins: PatternSkin
- Compatibility support - TWikiCompatibilityPlugin
Important changes in Foswiki 1.1.9 (This release)
Release 1.1.9 fixes a number of important bugs. Several are security related and we strongly recommend that sites upgrade to this release.
- The %TOPICLIST% macro now omits topics that cannot be read by the user. Foswiki should not reveal the presence of topics to users who don't have the authority to view the topic.
- Login using url parameters has been restricted. Details below.
Release 1.1.9 addresses several issues that impact sites that have upgraded or will upgrade to newer versions of Perl and CPAN modules. We strongly recommend that Foswiki be upgraded to 1.1.9 prior to updating to a new release of Perl or CPAN modules.
Two serious performance issues have been corrected. The TablePlugin amassed CSS from all visited topics, growing with each view. And an error in SEARCH caused exponential growth of the search expressions which could cause out of memory issues on the server. These could be especially severe for sites using FastCGI or Mod_Perl.
See #Rel01x01x09Details for details.
JQuery upgrade
This release ships with several upgraded versions of JQuery, and changes the default release to version 1.8.3. It also replaces the deprecated JQuery Tooltip plugin with the new UI::Tooltip. Upgraders should visit bin/configure and make the following changes to the JQuery configuration:
- Update {JQueryPlugin}{JQueryVersion} to version 1.8.3
- Disable {JQueryPlugin}{Plugins}{Tooltip}{Enabled} and
- Enable {JQueryPlugin}{Plugins}{'UI::Tooltip'}{Enabled}
Note that although the jquery autocomplete plugin was replaced with ui::autocomplete back in Foswiki release 1.1.4, recent changes to jquery required some additional changes to some UI::Autocomplete examples. See Revision 17042 for details of this change.
Changes to login using URL parameters
All versions of Foswiki previously allowed the username and password parameters to be provided on the URL. For example: bin/view/Myweb/SomeTopic?username=JoeUser;password=SEcrET. Foswiki 1.1.9 has been changed to further restrict login:
- username and password will only be accepted on POST type operations. A simple GET URL with username and password will not accept the supplied credentials.
  - The previous behaviour can be restored by enabling $Foswiki::cfg{Session}{AcceptUserPwParamOnGET} in the configuration
- username and password will only be accepted as login credentials on the view, viewauth and login scripts.
  - Other scripts can be authorized by configuring $Foswiki::cfg{Session}{AcceptUserPwParam}
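An added example (not part of the Foswiki release notes or code base): a pre-upgrade audit that scans web server access logs for requests carrying username and password in the URL, and classifies each one by request method and script against the two default rules listed above. The common/combined log format, the /bin/<script>/ URL layout and the verdict labels are assumptions, and the sample lines are constructed.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Scripts that accept username/password by default in 1.1.9, per the list above.
DEFAULT_LOGIN_SCRIPTS = {"view", "viewauth", "login"}
# Request field of a common/combined format access log line (assumed format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def audit_line(line):
    """Return a finding if the request URL carries username and password, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    # Foswiki URLs may separate parameters with ';' as well as '&'.
    params = parse_qs(url.query.replace(";", "&"), keep_blank_values=True)
    if "username" not in params or "password" not in params:
        return None
    # Assumed layout: .../bin/<script>/Web/Topic (short URLs are not handled).
    parts = url.path.split("/")
    script = parts[parts.index("bin") + 1] if "bin" in parts[:-1] else "unknown"
    if m.group("method") != "POST":
        verdict = "blocked-get"      # would need {Session}{AcceptUserPwParamOnGET}
    elif script not in DEFAULT_LOGIN_SCRIPTS:
        verdict = "blocked-script"   # would need {Session}{AcceptUserPwParam}
    else:
        verdict = "allowed"
    # The password is deliberately left out of the finding.
    return {"method": m.group("method"), "script": script,
            "user": params["username"][0], "verdict": verdict}

def audit_log(lines):
    """Collect findings for every line that exposes credentials in the URL."""
    return [f for f in map(audit_line, lines) if f]

# Constructed sample lines (documentation addresses, not from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [18/Nov/2013:10:00:00 +0000] "GET /bin/view/Myweb/SomeTopic?username=JoeUser;password=SEcrET HTTP/1.1" 200 5120',
    '192.0.2.11 - - [18/Nov/2013:10:00:05 +0000] "POST /bin/save/Myweb/SomeTopic?username=JoeUser&password=SEcrET HTTP/1.1" 302 0',
    '192.0.2.12 - - [18/Nov/2013:10:00:09 +0000] "POST /bin/login/Myweb/SomeTopic?username=JoeUser;password=SEcrET HTTP/1.1" 302 0',
    '192.0.2.13 - - [18/Nov/2013:10:00:12 +0000] "GET /bin/view/Myweb/SomeTopic HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for finding in audit_log(SAMPLE_LOG):
        print(finding)
```

Every finding, whatever its verdict, also marks a password that has been written to the access log in clear text.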
Improved compatibility with Perl 5.18+
Foswiki 1.1.9 has been tested with perl 5.18+. Perl 5.18 has made a very significant change in how hash tables are randomized and stored. See 5.18 perldelta for more information. The change has had some minor impact on Foswiki, most of which were test failures, not core code issues, and were fixed in Item12616. It did however result in discovery of some core bugs that were also fixed.
Sites upgrading to perl 5.18 should carefully test Foswiki and review the open tasks at http://foswiki.org/Tasks/PlatformPerl518. Please report any new issues there.
The following differences have been noticed when running under Perl 5.18, and have not been corrected:
- The order of search results is unpredictable when the requested sort has duplicates. Ex: When sorting by "modified", the order of multiple topics modified at the exact same time will be unpredictable. (Task Item12618)
- The order of groups presented by %USERINFO and %GROUPINFO macros is unpredictable. As a result, the order of groups listed by the WikiGroups topic changes on each page view. (Task Item12635)
- The order of data in a perl formatted %QUERY result is unpredictable. (No plan to fix)
Any data internally stored by Foswiki or extensions using a perl hash array will be presented in unpredictable order.
Important changes in Foswiki 1.1.8
Release 1.1.8 fixes a Critical Security Vulnerability. All previous releases of Foswiki are vulnerable to a security issue in Locale::Maketext. It is described further in SecurityAlert-CVE-2013-1666.
It is expected that this will be the last release in the Foswiki 1.1 series. The next major release will be a feature release: Foswiki 1.2.0
Release 1.1.8 also includes a configuration checker that will report an error if a vulnerable version of Locale::Maketext is installed.
See #Rel01x01x08Details
Important changes in Foswiki 1.1.7
Release 1.1.7 fixes a Critical Security Vulnerability. All previous releases of Foswiki are vulnerable to a security issue in Locale::Maketext. It is described further in SecurityAlert-CVE-2012-6329.
A 2nd vulnerability in the Foswiki %MAKETEXT% macro was also discovered, and is described further in SecurityAlert-CVE-2012-6330. It is expected that this will be the last release in the Foswiki 1.1 series. The next major release will be a feature release: Foswiki 1.2.0
Release 1.1.7 also includes a security fix for configure that reduces exposure of important passwords in confirmation and log messages.
See #Rel01x01x07Details
Module version strings and new module dependency in 1.1.6 and 1.1.7
The Foswiki and default extension version strings have been changed from a developer oriented string "Foswiki-1.1.5, Tue, 10 Apr 2012, build 14595", to a simple perl version string - "v1.1.6".
The "RELEASE" string will continue to be more descriptive and can be displayed with a new macro %WIKIRELEASE%.
This adds a new dependency on version 0.77 - the Perl module version class.
- Sites using Perl 5.10.1 or newer have the correct version of version.
- Sites on older versions of perl should install the latest version using CPAN or their system's package manager.
Before upgrading to Foswiki 1.1.6 or 1.1.7, verify that the installed version of CPAN:version is at least version 0.77. If not, upgrade CPAN:version before attempting to upgrade Foswiki! For example:
perl -Mversion -e 'print "$version::VERSION\n"'
0.9901
Note: Extensions may not have been upgraded to use the new 'dotted-decimal' version string format for dependency checking.
If an extension includes a dependency on an SVN-style revision, Foswiki 1.1.6 assumes that the dependency is satisfied by a 'dotted-decimal' version.
Wysiwyg / TinyMCE Editor changes
Release 1.1.6 changed the editor to treat all links as real HTML links in TMCE. This had an annoying side effect: when a user changes the link text displayed in-line, the editor only updated the link text, and the target page was not changed. This even included auto-linked WikiWords. The editor will now save the original WikiWord. During the save, if the new link text is still a WikiWord, and the link target still points to the original WikiWord, it will also be updated to match the new WikiW