Version 3.0.7 has been released. This is a minor update version.CO

Download

This version fixes a few minor issues and updates the way members of a list are displayed.

You can find it on the phpList resource site

We didn't realise it had grown to be a list of 142 options.

Download it here

Quite soon after release 2.11.8 a bugfix and security update of the development versions.

Download

This version fixes two issues that were found in the previous development release.

1. click tracking did not work

2. the graphical editor did not load, if you had a different path than the default "lists" for phpList.

It also fixes several security issues in 2.11.8 found by HTTPCS.CO

We've released a new development version, 2.11.8.

Download

This version is a further stabilisation of the 2.11 branch of phpList. We are working hard to be able to call this out new stable version.

As usual development versions are for those of you who are a bit more technically advanced. However, this one is getting close to stable, so if you want to give it a try, make a copy of your existing system, and see if it works for you. Make sure to do it in such a way that you can roll back. If you encounter any issues, please report them to the issue tracker so that we can fix it.

Upgrading is easy and quick. Copy your config file in a save place, FTP the files in the "lists" folder up to your site and copy the config file back. Then click the link "Upgrade" that you will see when you login to your phpList admin pages.

We've released a new development version, 2.11.7

Download

If you have forms that can be filled out by your website visitors, you most likely have come across form spammers. These are "bots" that automatically fill out your forms and fill your database with junk. This can cause all kinds of problems, particularly when sending newsletters to your subscribers, many of whom will be bogus.

On the phpList website, we encountered this issue last year. The common approach to solve this problem is to use a CAPTCHA, which is a hard to read code, that supposedly only real humans can solve.

However, there are two problems with CAPTCHAs. First of all, they are often so hard to read, that even humans cannot solve them. But then, if they are made easier for humans, often computers or bots can solve them as well. As a result, they are not a brilliant way to block the real spammers. Too many real people are blocked and too many bots are let through.

So, we decided to find a different way to solve the problem. If you use PHP on your website, then you may be interested to find out how.

To upgrade, do the following:

1. keep your config.php file somewhere safe (you can find your config.php file in the config folder)

2. make a backup of your database. (recommended, but not essential)

3. overwrite your existing code with the new code. You will primarily want to copy the "lists" folder and all files in it.

4. copy the config.php file back (to the "lists/config/" folder)

5. go to your phpList admin main page with your web browser and login

6. click the "Upgrade" link, which will now be there

7. You're all done

The security issues that were dealt with require having login details to your phpList installation. Therefore they are not exploitable by unknown outsiders, which makes the threat a little less. Nevertheless we advice everyone to upgrade to the latest stable version. In general that's a good idea with any software you use.CO

Go to the download page

We've released a new stable version of phpList, 2.10.14

This version fixes several bugs and a security vulnerability. Everyone running the 2.10 versions or before is strongly advised to upgrade to this version.

Changes in this version can be found in the changelog page , as generated by Mantis.

Many thanks to all involved, for reporting the issues, and helping to resolve them.

We have released a new stable version of phpList, version 2.10.13. This version is a further update on security, removing a few potential security vulnerabilities and further hardening the application against malicious attacks.

We have not heard of any instances where these vulnerabilities have been exploited, and we hope it stays that way.

We're very pleased to announce the release of a new development version of phpList. To get your copy, go to the Sourceforge Download page .

Main changes in this version: UTF-8 support.CO

This version can also handle sending your campaigns with the Amazon SES service.

Our hosted newsletter service already runs on this version, but to declare the download version stable, we want to add some finishing touches first, particularly in the UI and internationalisation side of the application.CO

As always with development versions, it's for the bold and brave. Be careful, backup often and report issues you find in our bugtracker .

Before we are able to consider this version stable, quite some testing will need to be done. For example, we haven't really tested upgrade to this version from the latest stable. If you want to help out, please play with it, and report your findings in mantis , marking the issue for version 2.11.5

This version has quite a large amount of changes. Below we are giving a summary of what has changed, but in fact loads more changes have been made. The most important change to keep in mind that phpList will no longer work with PHP4.

WebReference has published an article on how to setup, manage and even hack phpList. This mostly applies to phpList when you download it to your own server. Our phpList Hosted service has phpList all installed and configured.

"Find out how to set up -- and when necessary, hack -- phpList on your
server to get the most out of this popular email campaign manager."
http://www.webreference.com/authoring/email/phplist/

This release is aimed at hardening the security in phpList. Several changes have been made to eliminate potential attack vectors.
It also includes:

• Some bug fixes

• Internationalization additions

• Re-enable image upload in fckeditor

• Improves mime encoding to avoid attachment corruption

It is mainly a minor release, but we wanted to make this fixes available.
For more information please visit the mantis changelog page.

Upgrading your current version

• Unpack the new packaged version into a new "lists" directory.
• Try it out.

• Backup the database (this might not be needed if you are upgrading from 2.10.9)
• Then update it as mention on the admin page (there is a link once you update).

• Once you feel confortable you can move the old code into a new directory and rename this new one with the old name.

Once that is ready the new version is available for the public into the URL you were using.

Please go to the forum if you have questions.

Cheers,

phpList Team

Everyone using any version up to this one is advised to upgrade as soon as possible. Any clients hosted by Tincan have already been patched or upgraded.

We want to thank Paul Myatt for reporting this vulnerability and handling the issue in a responsible manner.

We hope you enjoy it, and that it serves the phplist community better! Now you can quickly and easily find and navigate between the online documentation wiki, the forums, issue tracker, and other general information.