Totara Social 1.0.7 is a "security" release. It includes bug fixes, improvements, and several security fixes. We recommend upgrading to this version.
Here is the changelog:
Release 1.0.7 (4th June 2015): ================================================== Security fixes: Stopping potential SWF files XSS exploitation (Backported from Mahara - Bug #1190788) TS-530 Improved security when serving untrusted files in Internet Explorer Backported fixes from Mahara: Stripping the URL port number from 'noreplyaddress' (Bug #1447892) Fixed the JavaScript error in Internet Explorer 9 when displaying PDF (Bug #1400595) Improvements: TS-540 Improved wording in forums for email and inbox notifications ('Reply to this post' has been changed to 'See this post in context') TS-413 Improved default information displayed on Content pages (e.g. if there is nothing to display under 'My content' filter, a user will be redirected to 'All content') TS-533 Text box block is now fully copied instead of its content being linked when a user creates a copy of their page TS-491 Split the chat configuration into individual and group settings. Site and tenant administrator can now separately manage group and individual chat Bug Fixes: TS-524 Fixed tooltip not working for Like/Watch actions after clicking the 'Show more' link in the Activity Stream TS-536 Fixed the layout of email digest notification in HTML format TS-525 Fixed layering issue in External Media block in Internet Explorer 9 TS-518 Fixed an issue where the WYSIWYG Editor did not properly apply the indent options to bulleted list items TS-521 Fixed an issue where the WYSIWYG Editor did not apply changes to a link in Firefox TS-520 Fixed wrong activity message in Activity Stream after editing a status update TS-526 Fixed permissions inconsistency of the items reported as objectionable. Objectionable content in tenants and groups can now be resolved by a tenant or a group administrator respectively