Skip to:
Content
Pages
Categories
Search
Top
Bottom

bbPress 2.5.7 – Security Release

Published on April 20th, 2015 by John James Jacoby

bbPress 2.5.7 is out now, and it fixes several issues regarding unescaped URL output for all previous bbPress 2.x installations. If you’re using any version of bbPress 2.x and have not yet updated, please do so right away. If you need help, please reach out in our support forums and someone will be happy to assist you.

The bbPress team worked closely with the WordPress core team and several other plugin authors to coordinate the release of 2.5.7 alongside other libraries with similar issues.

These fixes have also been ported over to 2.6, which we continue to run here at bbPress.org and BuddyPress.org.

bbPress 2.5.6 – Maintenance Release

Published on March 17th, 2015 by John James Jacoby

Because 2.5.5 was so good 2 weeks ago, we are releasing bbPress 2.5.6 tonight. It fixes 1 issue with subscription notification emails that was plaguing a few of our more sophisticated installations.

If you’re using any version of bbPress 2.x and have been hesitating to upgrade, please consider doing so today. If you need help, please reach out in our support forums and someone will help you get updated.

Thanks to netweb, DJPaul, and mordauk for their diligence in patching and prioritizing this issue.

bbPress 2.5.5 – Security Release

Published on March 6th, 2015 by John James Jacoby

bbPress 2.5.5 is out. It fixes 3 potential security issues for all previous bbPress 2.x installations. If you’re using any version of bbPress 2.x and have been hesitating to upgrade, please consider doing so today. If you need help, please reach out in our support forums and someone will be happy to help.

Thanks go out to J.D. Grimes for identifying and responsibly disclosing his findings. The bbPress team (once again) worked quickly to get 2.5.5 out in just over 24 hours of being notified.

Please accept our apologies (again) for the late-Friday release, and take a quick moment to give your bbPress installations a quick update to 2.5.5.

All of these fixes have been ported over to 2.6, and we’ll be releasing a beta real soon!

bbPress 2.5.4 – Security & Bugfix Release

Published on June 6th, 2014 by John James Jacoby

bbPress 2.5.4 is out. It fixes 6 bugs, the last of which is a security concern for all previous bbPress 2.x installations. If you’re using any version of bbPress 2.x and have been hesitating to upgrade, please consider doing so today. If you need help, please reach out in our support forums and someone will be happy to help.

The following bugs have been fixed in 2.5.4:

  • #2586 – Fix ‘Replies in each forum’ repair tool, to prevent breaking the reply position.
  • #2162 – Switch notification emails to send 1 email using Bcc headers VS one for each subscriber.
  • #2496 – Support slashes in slug settings, and improve sanitization of these fields.
  • #2518 – Improve handling of SSL assets when relying on theme compatibility.
  • #2588 – Fix bug when editing a reply that would pollute hierarchical replies in that topic.
  • #2610 – Properly handle escaping of displayed user fields and data when editing a user.

Thanks go out to Mazen Gamal Mesbah for identifying and responsibly disclosing the displayed user field vulnerability. I’m proud to say the bbPress team worked quickly to get 2.5.4 out just after the 24 hour mark of being notified, which for a volunteer team is pretty great.

For anyone keeping an eye on the development of 2.6, all of these fixes are already ported over, and we bumped the 2.6 release date back to the end of June to give us time to enjoy the fresh summer air.

Please accept our apologies for the late-Friday release, and do spend some time this weekend giving your bbPress installations some TLC with an update to 2.5.4.

2014 bbPress Survey Results

Published on May 22nd, 2014 by @mercime

This report presents the results from the 2014 bbPress Survey held from March 7 – April 11, 2014. One hundred eighty-three participants from thirty-seven countries completed the survey. Thank you all.

Country flags of the  183 Survey Participants

Read more →

2014 bbPress Survey

Published on March 7th, 2014 by John James Jacoby

It was late in 2010 that we started laying the foundation for bbPress 2.0, the reimagining of bbPress as a WordPress plugin. Since then, we’ve revolutionized theme integration with theme-compatibility, added depth to topics with threaded replies, enabled users to stay connected with forum subscriptions, and added numerous other requested features (some that weren’t even in bbPress originally!)

bbPress has always had a passionate community, and we want to keep everyone included in how we plan for the future of the platform. In general, we prioritize features and releases by the what we see requested in Trac and the Forums, the wants/needs/desires of myself, Matt, & Stephen, and we keep an eye on the direction WordPress goes too.

Just like we did with BuddyPress, Merci Me put together a similar survey with questions that will help the core team build a better bbPress. We want to create forum software that enjoy using, and your opinions and feedback will definitely help with that.

You will find the survey embedded below.

http://mercime.polldaddy.com/s/2014-bbpress-survey

Thanks for taking some time out of your day to help us. We’ll post the results of this survey in the next few weeks!

Open Sourcing bbPress.org

Published on March 6th, 2014 by John James Jacoby

Pssst… want to know a secret? Every day when you’re accessing bbPress.org, you’re actually looking at code that’s part of BuddyPress.org’s WordPress installation. (Pretty neat, eh?) Because of this, a recent announcement over at the BuddyPress.org blog also applies here, that after some clean-up and simplification, we’ve open sourced the custom code that’s running on bbPress.org.

This means you’re free to help shape the design, features, and direction that both BuddyPress.org and bbPress.org take in the future. It’s really exciting (for me) since what’s been running here for the past few years is largely made from bits of my (increasingly fragmented) imagination to provide a clean slate & solid foundation for everyone to build on top of.

I’m really excited to see what the future of both BuddyPress.org and bbPress.org look like, now that you’re able to help us out!

bbPress 2.5.3 released

Published on January 11th, 2014 by John James Jacoby

Out today is bbPress 2.5.3, a bug fix release that also comes with improved support for WordPress 3.8’s new, more modern administration area design. A few of the more notable changes are outlined below:

  • WordPress 3.8 support (dashicons, new color schemes)
  • Fix dropdown selects in settings pages
  • Fix accidental topic subscription removal on reply form
  • Fix poor grammar in profile title element
  • Fix admin area SSL support

Check out the changelog on trac for a complete list of tickets and changes.

Read more →

bbPress.org updated to WordPress 3.8

Published on December 13th, 2013 by John James Jacoby

A quick note that bbPress.org has been updated to WordPress 3.8. bbPress 2.5 is fully compatible with this latest and greatest WordPress release, so you can update knowing that your bbPress powered forums will continue working as normal.

We’re also currently working on some performance improvements to bbPress for 2.6. If this sounds like something you’re interested in, check out the discussion on our Trac, maybe test a patch, and drop in some feedback if you have any.

bbPress 2.5.1 released

Published on December 4th, 2013 by John James Jacoby

Today we are releasing bbPress 2.5.1, the first bug-fix release to bbPress 2.5.

bbPress 2.5.1 fixes a few small issues with subscriptions and stylesheet theme compatibility that were introduced in 2.5.

Check out the 2.5.1 milestone on Trac, and go update to bbPress 2.5.1 to get the latest fixes!

Read more →

Skip to toolbar