About This File
XenForo 2.3.7 is now available for all licensed customers to download. We strongly recommend that all customers running previous versions of XenForo 2.3 upgrade to this release to benefit from increased stability.
In addition to the usual fixes and improvements, XenForo 2.3.7 also includes a critical security fix to ensure the security of Passkeys that have been added to your account. We'd very much like to thank Jai Niresh J for reporting this issue via Eric and team at Hypixel Inc.. Between them they also reported a less severe issue related to local account page caching on shared systems.
This version also tightens up the kinds of methods that can be called from within templates, evolving from a loose "prefix" match to a stricter "first word" match of methods that can be called through callbacks and variable method calls. This fix is courtesy of Cyanide who we extend huge thanks to in taking the time to report this to us.
We'd also like to take this opportunity to notify all third party developers that writing database queries inside templates is not recommended. While this is still allowed in XenForo 2.3.7, the behaviour is now considered deprecated and will be prevented in XenForo 2.3.8. Code which currently triggers this will insert an error into the Server error log and must be fixed prior to the release of XenForo 2.3.8. Where possible, data must be queried and processed and passed into the template rather than being written inside the template itself.
Finally, we'd like to thank @TickTackk for reporting a path disclosure issue in exceptions thrown due to open_basedir restrictions.
If you are a XenForo Cloud customer, a fix has been rolled out automatically, and no further action is required to address this issue.
We recommend doing a full upgrade to resolve the issue, but a patch can be applied manually. See below for further details.
XenForo:
Compelling Community Platform. There is no better platform upon which to grow your community.
XenForo is the solution your customers would choose.
Engage your customers with the premium community experience.
Take advantage of our unrivaled reliability, flexible deployment and data security.
Features:
- Engage your audience
-
Provide a forum where your customers can interact with you.
- They will tell you what they like, and how you could do better.
- Crowd-source support
-
Lighten the load on your support team.
- Customers can answer each others' questions and share their experience.
- Provide a safe space
-
You are the master of your own data.
- Your customers will be reassured that their information is not being sold off to big tech.
- Recover content
-
User-generated content is priceless.
- Allow it to be easily found again, any time. Yesterday's facts are no less valuable than today's.
- Share knowledge
-
Discussions on your forum contain a wealth of information.
- Assemble your content into an invaluable knowledge base for your subject matter.
- Build your own
-
Leverage state-of-the-art software architecture.
- Create rich integrations and add-on systems to your own specification.
NOTE:
All releases are completely safe, not downloaded from 3rd party websites. Officially purchased & being shared here directly.
Current requirements
Please note that XenForo 2.3 has higher system requirements than earlier versions.
The following are minimum requirements:
- PHP 7.2 or newer (PHP 8.3 recommended)
- MySQL 5.7 and newer (Also compatible with MariaDB/Percona etc.)
- All of the official add-ons require XenForo 2.3.
- Enhanced Search requires at least Elasticsearch 7.2.
