Release Notes: This is a security and bugfix release. The security fix closes a SQL injection hole which could extract unauthorized data from the user database with a carefully-crafted URL. Additional bugfixes include support for Twitter's v1.1 API, XMPP fixes, and better ActivityStreams JSON support.
Release Notes: This release includes an OpenID and OAuth timing attack fix, along with compatibility fixes for OStatus feed contents, API and feed discovery, and SSL certificate verification with SNI where available. Many UI translation updates from TranslateWiki.net, including an Esperanto translation.