BuddyPress 2.9.1 is now available. This is a security and maintenance release. We strongly encourage all BuddyPress sites to upgrade as soon as possible.
We fixed two regressions introduced in 2.9:
- Groups: fix group description truncation length on group screen.
- Profiles: fix avatar quality when requesting avatar sizes larger than the user’s uploaded avatar.
Importantly, BuddyPress 2.9.1 and earlier versions were affected by the following security issue:
- Cross-site request forgery (CSRF) in the XProfile administration Dashboard panel.
These vulnerabilities were reported privately by Ronnie Skansing. Our thanks to Ronnie for reporting security issues in accordance with WordPress’ security policies.
Thanks to y’all and to Ronnie for the security update and protecting us all 🙂
“Profiles: fix avatar quality” not working. First updated avatar (retina), after page reload again – the avatar is out of focus (not retina). Check please.
Hello, when composing a message (profile – messages – compose ), when i type the first letter in the destinary field, I get this:
(function(){var g=this;function h(b,d){var a=b.split(“.”),c=g;a[0]in c
I guess it comes from the bp-messages
where is the problem ?
thanks for your reply.
kind regards
Philip