Prepare release

docs/NEWS

@@ -1,4 +1,4 @@
-Version 2.x.x (major) ()
+Version 2.2.1-alpha1 (September 20th, 2018)
 ------------------------------------------------------------------------
 
     * PHP 7.2 support: New autologin token approach, various code
@@ -19,8 +19,6 @@ Version 2.x.x (major) ()
 
     * Update Smarty to 3.1.32
 
-    * [Security] Prevent XSS via multicategory pagination
-
     * Update bootstrap 4 design to new bootstrap version
 
     * Add option to disable google fonts in several designs
@@ -71,7 +69,20 @@ Version 2.x.x (major) ()
 
     * Change Spartacus default mirror to github (#489)
 
-Version 2.1.3 ()
+Version 2.1.4 (September 20th, 2018)
+------------------------------------------------------------------------
+
+    * Security: Fix XSS for pagination, when multi-category selection
+      is used. Thanks to Brian Carpenter (geeknik) and Hanno Boeck!
+    
+    * Minor code fixes (proper PHP escaping for 'orderkey' SQL statement
+    
+    * Sekelton, Timeline and Clean Blog templates: Add theme option to 
+      disable google webfonts
+      
+    * Link to https s9y.org pages
+    
+Version 2.1.3 (August 16th, 2018)
 ------------------------------------------------------------------------
 
     * Security: Make sure that the admins configuration for RSS

docs/RELEASE

@@ -1,2 +1,2 @@
-stable:2.1.3
-beta:2.1.3
+stable:2.1.4
+beta:2.1.4

serendipity_config.inc.php

@@ -47,7 +47,7 @@ if (defined('USE_MEMSNAP')) {
 }
 
 // The version string
-$serendipity['version'] = '2.2.0-beta2';
+$serendipity['version'] = '2.2.1-alpha1';
 
 
 // Setting this to 'false' will enable debugging output. All alpha/beta/cvs snapshot versions will emit debug information by default. To increase the debug level (to enable Smarty debugging), set this flag to 'debug'.