Releases XenForo 2.2.15 Released Full Nulled By XnForo.Ir 2.2.15

Hot on the heels of yesterday's XF 2.2.14 release and subsequent patches, we are today making XenForo 2.2.15 available for all licensed customers to download. We strongly recommend that all customers running previous versions of XenForo 2.2 upgrade to this release to benefit from increased stability, particularly if you already upgraded to XenForo 2.2.14.

As of this point, XenForo 2.2.14 and its patches are no longer available for download. We are still planning a final XF 2.2 release at some point around the release of XenForo 2.3!

Some of the changes in XF 2.2.15 include:

• Avoid setting duplicate List-Unsubscribe headers.
• Include first post QA schema items unconditionally.
• Make outdated PHP version notice in admin control panel clearer.
• Retain the original unsubscribeEmailAddress option for backwards compatibility.
• New unsubscribeEmailHandling option to replace the new unsubscribeEmail option and conclusively fix issues arising from yesterday's XF 2.2.14 release.
• Fix URL unfurls no longer unfurling.

Current requirements​

Please note that XenForo 2.2 has higher system requirements than earlier versions.

The following are minimum requirements:

• PHP 7.0 or newer (PHP 8.2 recommended)
• MySQL 5.5 and newer (Also compatible with MariaDB/Percona etc.)
• All of the official add-ons require XenForo 2.2.
• Enhanced Search requires at least Elasticsearch 2.0.

Sincere apologies. A further issue has been identified in which initial upgrades to 2.2.14 may have set the default 'http' option for the unsubscribe option incorrectly.

The latest patch will workaround this issue if you are affected.

Alternatively, going to Options > Email options in your admin control panel and setting the "Unsubscribe email handling" option as desired will fix the issue without needing to upgrade.

This is being rolled out to existing Cloud customers automatically if affected.

XenForo 2.2.14 is now available for all licensed customers to download. We strongly recommend that all customers running previous versions of XenForo 2.2 upgrade to this release to benefit from increased stability.

In addition to the usual slew of bug fixes and improvements, there are a few notable changes in this release.

Compatibility with PHP 8.1 and 8.2​

Most compatibility issues between PHP 8.1 and 8.2 have been addressed. Remaining issues might trigger E_DEPRECATED warnings in the xf_error_log during debug mode, but these are generally non-critical and can be disregarded.

Email unsubscribe changes​

Previously, we allowed users to unsubscribe from emails through certain mail clients when the automated unsubscribe handler was configured. With the introduction of XenForo 2.2.14, we're implementing a new standard feature that processes unsubscribe requests via HTTP. This feature is activated by default and requires no additional configuration. Your current settings for email unsubscribing will not be altered. The recent updates include:

• Enhanced handling of the List-Unsubscribe header to support both mailto and HTTP methods.
• Automatic inclusion of the unsubscribe header in a broader range of outgoing emails, such as notifications for watched threads and activity summaries.
• A default-enabled option to send confirmation emails to users once their unsubscribe request is fulfilled.

Minor security fix​

In previous versions, add-on or style archives could escape their container directory and bypass subsequent validation checks. Exploiting this requires an administrator with the pertinent permissions to upload a maliciously-crafted archive. This has been addressed in XenForo 2.2.14. Thank you to Egidio Romano of Karma(In)Security for reporting this issue.

Update on XenForo 2.3 and XenForo 3.0​

Work continues towards the next versions of XenForo. @Kier is now working full time on some exciting stuff for XenForo 3.0 while the rest of us are working towards getting XenForo 2.3 stable enough for a public beta release, in addition to the last few bells and whistles for both the core software and some enhancements to our official add-ons. Additionally, we plan to release one last update for XenForo 2.2, namely XenForo 2.2.15, which will incorporate significant fixes before we transition to primarily supporting XenForo 2.3.

Some of the changes in XF 2.2.14 include:

• Fix type hinting for extendClass
• Do not attempt to generate tag URLs without a valid tag
• Properly disable outbound IPv6 requests when PHP is not compiled with IPv6 support
• Improve audio mime-type detection
• Use sodium_bin2base64 over base64_encode when generating random strings.
• Update Twitter BB code media site to support x.com URLs and update some branding to X, rather than Twitter.
• Increase the size of the old_value and new_value columns in the xf_change_log table
• Properly throw an exception when failing to decode JSON for oEmbed
• Ensure tag pages have a canonical URL set
• Support custom URL portions for link forums
• Mark old_value and new_value fields as required in the change log entity
• Adjust regex for dialog loading to ensure consistency with BB code tag naming.
• Fix a number of emoji phrases
• Update braintree_api_keys_explain.txt phrase
• Update webmanifest orientation to use natural as this should derive from the system's settings.
• Highlight current style and language selections on chooser pages
• Always set thread RSS publication dates to the creation date of the thread
• Fix profile post/comment author alert reason API documentation
• Properly phrase the BB Code help page example
• Improve error handling when loading notifier services
• Extend notifier service class before calling createForJob static method
• Reduce lock contention when writing thread read records
• Provide a getter for class extensions, and check for class extensions before attempting to remove them
• Skip relative (dot) files when cleaning up temporary files
• Ensure prefix search constraints are lists of values
• Use a no-permission response when a user cannot be banned, and gracefully handle error responses without a proper error message
• Clarify that new SFS submissions will transmit an unhashed email address
• Properly capture array_unique results
• Add an index to the user ID column of the error log table
• Fix value of custom user titles in API responses
• Surely .u-spaceBefore is intended to apply the margin to the left
• Guard against null metadata in MySQL full-text searchs
• Do not display menus for selected tabs with no links
• Use a more efficient query when updating reaction caches for content
• Support filtering threads with forum type filters when using the API
• When rebuilding user group relations, skip falsey values
• Include support for embedding YouTube Live URLs
• Improve PHP 8.2 compatibility in vendor libraries
• Pass posterParams in the post reaction push template
• Attempt to support fb.watch URLs
• Only set descriptor suffix for Stripe card payments