10.0.41 released. Read the full article for more information, and upgrade information.

There is a data leak within the galleries+privacy addon combination under certain special conditions.

10.0.40 released. Read the full article for more information, and upgrade information.

We recently had a security researcher (aka whitehat hacker) claim to have found a vulnerability in Composr. This came down to a misunderstand, explained in this article.

10.0.39 released. Read the full article for more information, and upgrade information.

Brief outline of Composr's PHP 8.1 status.

Two security holes were recently discovered in current and previous versions of Composr CMS, and patched.

10.0.38 released. Read the full article for more information, and upgrade information.

The Composr CMS IRC channel has moved.

Two security holes were recently discovered in current and previous versions of Composr CMS.

These issues have been fixed in the new version released today, 10.0.37. In this news post we will explain the issues and provide temporary mitigations for those who do not wish to immediately upgrade to 10.0.37.

10.0.37 released. Read the full article for more information, and upgrade information.

10.0.36 released. Read the full article for more information, and upgrade information.

Advice and tooling for dealing with ageing ocPortal websites.

10.0.35 released. Read the full article for more information, and upgrade information.

Announcing the Community Site Showcase, where you can show off your sites to others and upvote/downvote (Reddit-style).

Anatomy of a bogus vulnerability that is circulating.

Composr now requires PHP 5.3+ (but really you should be on PHP 7.3+).

10.0.34 released. Read the full article for more information, and upgrade information.

There are a number of nasty bugs in 10.0.33, hot fixes are linked inside this issue.

Important message regarding Composr compatibility with PHP 8.

10.0.33 released. Read the full article for more information, and upgrade information.