The Documentation Site http://doc.tikiwiki.org will be upgraded to TikiWiki -Polaris- on Sunday 1st February at around 9pm GMT. During this time the site could be unavailable. This also serves as a notice to say please do not work on any documentation, until we post the results of the upgrade. The upgrade will be handled in our IRC channel.

After a long wait, and then CVS problems at SourceForge, we have finally been able to release 1.7.5 tonight. The main purpose of this release is to address the CSRF issues which affect web applications. However we have also managed to sneak in some extra goodies as a bonus! Download your copy now from our SourceForge Project Area.

An interesting idea has be brought to the TikiWiki site by ang. He has started work on plotting locations of the TikiCommunity onto a XPlanet map. You can see the result here Community Worldmap. Please as a member of the TikiCommunity find your Latitude and Longitude and add yourself to the list. There are links available on the page to help you.

A group of us at tikiwiki.org got together & developed a survey. Yes, a survey.. a survey made especially for you! We want to know what you think! The survey is geared towards users, administrators, developers, anyone & everyone. We're particularly interested in how you use Tikiwiki, the feedback you've gotten from others regarding Tikiwiki, and what you want to see happen with Tikiwiki.

Click on read more below for more information regarding the article & a link to take you there!

Tikiwiki has made it finally into Gentoo Portage CVS yesterday: this means we now are officially part of the great Gentoo Linux distribution. Hence, today is a great day for celebration for both communities, and just another reason for more users to test and witness the availability of intriguing content management technologies like Tikiwiki. Let's start the New Year with New Tools!

Web applications are more and more popular, more and more used, and, in consequence, more open to abuse than in past years. Tricks like XSS and CSRF are begining to spread rapidly, at least in rumor, in specialized networks. All live web applications need to verify they have basic protections against such abuses if they intend to provide a trustworthy work environment.

Jun0 brought attention to the vulnerability of tikiwiki to the CSRF trick. After some examination and work, a commando patch operation added basic protection in tikiwiki. 1.7.5, under test right now, was created to meet the security needs of the community, and will be released in next hours/days. If security is vital to your activities, upgrade now to cvs version; branches 1.7, 1.8, and HEAD are patched. We need your help to track possible side effect of the patch, then we can release without fear of regression.

Here is the mail I recently sent to a small number of tikiwiki developers explaining the whole story...

We would like to wish you and your family a safe and happy holiday.

RC3: Third release candidate of Tiki 1.8 -Polaris-

RC3: Third release candidate of Tiki 1.8 -Polaris-

A unplanned 1.7.5 has been drawn up for the 1.7 TikiWiki release family. This is only a bugfix release and will not contain any new features.