A security flaw has been recently identified for 0.63 versions of Galette (https://bugs.galette.eu/issues/250 - CVE-2012-2338).

Updating your Galette version or the file that fix the flaw is strongly encouraged.

This vulnerability impacts all 0.63s Galette versions. Galette 0.7 as well as current development version are not concerned.

Problem has been solved, and a 0.63.4 version of Galette is available (changes concerns only the flaw):
https://galette.eu/download/archives/galette-0.63.4.tgz

Only one file must be changed on all concerned versions; you can get it here and replace the existing one in your installation (that way you do not need to upgrade the full code).

Please note that it is the very last change on 0.6x series (that are now EOL): development, support, etc for those versions will be discarded,

Galette 0.7 is now out from several months (and the next release is already on the rails); we strongly encourage you to update your old version ;)

Galette 0.7 was on the road for some time now. Bugs and tasks announced for this version are fixed; older versions migration works also.

So, this is with a real pleasure that I inform you of the New Galette's version 0.7 release :-) For the occasion, the project has been freshened up (new website, new documentation, new bug and tasks tracker, use of Git instead of Subversion).

You can get this release at:
https://galette.eu/download/archives/galette-0.7.0.tar.bz2

Numerous functionnalities and changes have been made for this release, some problems may have slipped through our vigilance, feel free to report them using Galette's trackers|https://bugs.galette.eu/projects/galette/]!

A most complete list of Galette 0.7 new functionnalities is available on the documentation.

If you are updating, make sure to backup your data ; I do not have any old Galette installations, so I cannot test much upgrades scripts.

Galette's documentation also has been rewritten.
The user guide is not yet ended, and I unfortunately can not spend more time to take care of that for now (by the way, if you're interested in helping with that, I'll not say no); on the other hand, installation manual is up-to-date:

• Installation guidehttp://galette.tu...
• user guide

Galette 0.7 brings the ability to add functionality using additional plugins.

On a more technical note, developper's guide was born for this new release :-)

Old documentation will be gracefully retired, until that, please be carefull not to get the wrong one ;)

A big thank you to everyone who participated in this release! :-)

As that was recently announced, features for future 0.7 version of Galette has been freezed :-)

That means development team will no longer accept new features fort these version; and that it will dedicate more time to bugfix, code stabilization and improve the new documentation.

Refer to 0.7 changelog from its illustrious ancestors (Galettes that are probalby not so so fresh acually :-p) to know what this new recipe brings.

Galette 0.63.3 is cooked, lunch's ready ! :-)

This version fixes a security flaw found in the demonstration. Here is the changelog:

• fix a security flaw that allowed attacker to send arbitrary PHP files on some servers
• when sendind invalid member form, line dynamic fields were repeated (bug #10187)
• some encoding issues has been noticed on UFT-8 MySQL servers. Connection is now forced to LATIN1 (thanks to Cédric)
• unbreakable spaces appears on non html email (thanks to Cédric)
• using XML characters in mailing subjects causes XML analysis errors on preview (bug #14571)
• needless data were stored into logs (and not at the right place) sending mailings (bug #14569)
• XML analysis errors where thrown on logs page when a member card contains reserved characters (bug #14561)
• html tags in mailing were not showed while previewing a mailing under Firefox (bug #14465)

The Galette Team is glad to announce the release of Galette 0.63.2!

It's a corrective version, here are issues that have been fixed:

• membership's deadline was incorrect for a fiscal year (bug #13010)
• donations didn't appear in the right color in the table (bug #13009)
• history entries when adding or editing a contribution did not contains member's login - as when adding/editing a member (bug #13011)
• on windows, some characters were incorrectly interpreted - "\n" for example (bug #14162)
• when saving a picture (PNG format), alpha channel was not saved, causing image to get a default background color (bug #14327)
• restrictions showing pictures (since 0.63.1) prevents custom logo to display correctly (bug #14442)
• when editing member's language, current session was also translated (bug #14443)
• some characters - like simple quotes - were badly encoded mailings subjects (bug #14449)
• mail sending were always active, even if disabled in preferences (bug #14450)

You can now download the latest release from: https://galette.eu/download/archives/galette-0.63.2.tgz

If you're already using Galette >= 0.63, you do not have to upgrade, database was not modified. Just copy the new files and you're done ;-)

As usual, you can report bugs through the Gna! interface.

The very kind Galette developpers.