April 18th, 2012
· Some changes were made to iframe support for YouTube, Vimeo, and other sites.
· A deep searching error was addressed and module CSS caching was improved.
· TinyMCE was upgraded to version 3.4.9.
· Posting comments no longer generates a fault and comment editing for anonymous users is no longer a possibility.
September 22nd, 2011
· Speed improvements.
· Drastically lowered memory requirements.
· Fully PHP 5.3 compatible.
· Facilitated module development.
· Updated versions of many modules.
July 15th, 2011
· Content module installation was failing in 1.2.5.
· Dates for new content pages were defaulting to 31 Dec 1969 without any way to change it.
· Installation of the core on MySQL 5.2, or higher, failed because of the TYPE= statements in the SQL structure.
· TinyMCE was updated to the latest release, and should work on IE 9.
December 23rd, 2010
· This version addresses security vulnerabilities in the imagemanager plugin for the TinyMCE editor and in quick search functionality used in the administration area.
· Improvements for SSL support were back-ported from the current trunk to this version.
November 17th, 2010
· This is the first release to offer core support for PHP 5.3. Next to that, a security issue was resolved.
November 9th, 2010
· The most important change is official PHP5.3 compliance for the core modules and libraries.
· Note that modules might need adaptations to work in PHP 5.3.
· That is beyond the control of the core team.
· Search pagination and page title have been fixed.
· There are improvements in session security for the installation process, migration of images during an upgrade from ImpressCMS 1.1, and the use of Smarty variables.
· A possible SQL injection vulnerability has been fixed.
· A regression in the icmsForm class has been fixed.
· An issue where XoopsThemeForm was undefined has been fixed.
July 18th, 2010
· This version patches a recently discovered vulnerability in an external library, TidyCSS. The file containing the vulnerability is not used by ImpressCMS, and can be safely removed.
February 21st, 2010
· A huge release like 1.2 always has some issues that come along. Those have now been resolved in ImpressCMS 1.2.1, which is now ready as a Beta release!
October 11th, 2009
· This release is a security update for the PHP OpenID and Smarty libraries included with the ImpressCMS core, no new features have been introduced.
March 8th, 2009
· This release focuses on code cleanup and several minor bugs.
· HTML Purifier was updated to the latest version.
· The CAPTCHA function was corrected.
· Session handling improved in the frontend and administration areas.
January 1st, 2009
· A security issue in SESSION id (Fixation), an XSS vulnerability, and a potential (but not necessarily vulnerable) exploit in $_GET['editor'] were fixed.
· A security issue in Blocks Positions was also fixed.
· The option to send an email notification for private messages was added, and the user's email address will only appear in the From: header if the user has activated "Allow other users to view my email address".
December 4th, 2008
· ImpressCMS 1.1.1 fixes a security related issue which relates to Sessions Fixation whereby an attacker can exploit this issue by enticing an unsuspecting victim into following a malicious URI and thus gaining unauthorised access.
October 23rd, 2008
· A small vulnerability in the userranks administration of 1.0.2 has been fixed, though administrator access is required to exploit the vulnerability.
October 19th, 2008
· The UTF-8 database converter is finally complete and will upgrade your database to UTF-8.
· Other bugs in the ImpressCMS upgrader were fixed.
· If mainfile.php does not yet have information about the Trust Path, the upgrader will add it.
· A converter from XOOPS 2.2.x to ImpressCMS 1.1 was added.
· A converter from XOOPS 2.3.x to ImpressCMS was added.