silverstripe-framework/docs/en/04_Changelogs/3.1.10.md

58 lines
4.5 KiB
Markdown
Raw Normal View History

2015-02-19 00:37:16 +01:00
# 3.1.10
## Upgrading
### Form Actions
Form action titles are now safely XML encoded, although this was an implicit assumption, it is now explicitly enforced.
XML encoding titles will not cause an error, but is deprecated at framework 4.0. FormAction buttons with custom HTML
content should be assigned using the `FormAction::setButtonContent` method instead.
## Security
Several medium and some low level security XSS (cross site scripting) vulnerabilites have been closed in this release.
All users of SilverStripe framework 3.1.9 and below are advised to upgrade.
* 2015-02-10 [1db08ba](https://github.com/silverstripe/sapphire/commit/1db08ba) Fix FormAction title encoding (Damian Mooyman) -
2015-02-19 01:16:40 +01:00
See announcement [ss-2015-007](http://www.silverstripe.org/software/download/security-releases/ss-2015-007)
2015-02-19 00:37:16 +01:00
* 2015-02-10 [1db08ba](https://github.com/silverstripe/sapphire/commit/1db08ba) Core CMS XSS Vulnerability Fixes (Damian Mooyman) -
2015-02-19 01:16:40 +01:00
See announcements
[ss-2015-003](http://www.silverstripe.org/software/download/security-releases/ss-2015-003),
[ss-2015-004](http://www.silverstripe.org/software/download/security-releases/ss-2015-004),
[ss-2015-006](http://www.silverstripe.org/software/download/security-releases/ss-2015-006)
2015-02-19 00:37:16 +01:00
* 2015-01-22 [7733c43](https://github.com/silverstripe/silverstripe-cms/commit/7733c43) Correctly sanitise Title (Michael Strong) -
2015-02-19 01:16:40 +01:00
See announcement [SS-2015-005](http://www.silverstripe.org/software/download/security-releases/ss-2015-005)
2015-02-19 00:37:16 +01:00
* 2015-02-05 [70e0d60](https://github.com/silverstripe/sapphire/commit/70e0d60) Fix developer output in redirection script (Damian Mooyman) -
2015-02-19 01:16:40 +01:00
See announcement [SS-2015-001](http://www.silverstripe.org/software/download/security-releases/ss-2015-001)
2015-02-19 00:37:16 +01:00
### Features and Enhancements
* 2015-01-22 [2e4bf9a](https://github.com/silverstripe/sapphire/commit/2e4bf9a) Update sake to reference new docs (Cam Findlay)
### Bugfixes
* 2015-02-17 [aa77e12](https://github.com/silverstripe/sapphire/commit/aa77e12) Fixed infinity loop when searching _ss_environment (Zauberfish)
* 2015-02-12 [047fe3a](https://github.com/silverstripe/sapphire/commit/047fe3a) Include php version in default cache folder name Update CoreTest.php (JorisDebonnet)
* 2015-02-08 [a530085](https://github.com/silverstripe/silverstripe-cms/commit/a530085) External redirects shouldnt show in preview pane (Daniel Hensby)
* 2015-02-06 [d68435e](https://github.com/silverstripe/sapphire/commit/d68435e) SelectionGroup no longer shows empty FieldLists (Daniel Hensby)
* 2015-02-06 [a0f9535](https://github.com/silverstripe/sapphire/commit/a0f9535) issue where empty composite fields created a fieldlist with empty items (Daniel Hensby)
* 2015-02-03 [abd1e6b](https://github.com/silverstripe/sapphire/commit/abd1e6b) GridFieldExportButton should honour can method. (Will Rossiter)
* 2015-01-22 [eed7093](https://github.com/silverstripe/sapphire/commit/eed7093) dev/build not flushing manifests if site is in a subfolder (Loz Calver)
* 2015-01-19 [77ebdc2](https://github.com/silverstripe/sapphire/commit/77ebdc2) DataObject::db returned fields in incorrect order, with incorrect data types (Loz Calver)
* 2015-01-15 [32ce85d](https://github.com/silverstripe/sapphire/commit/32ce85d) . Summary fields can't be translated (Elvinas L.)
* 2015-01-13 [2e6e8af](https://github.com/silverstripe/sapphire/commit/2e6e8af) insert media trims whitespace - fixes #845 (Emma O'Keefe)
* 2015-01-13 [2861e7c](https://github.com/silverstripe/sapphire/commit/2861e7c) insert media trims whitespace fixes #845 (Emma O'Keefe)
* 2015-01-09 [ef237f6](https://github.com/silverstripe/sapphire/commit/ef237f6) Expands the CMS' centre-pane when collapsed and it's clicked. (Russell Michell)
* 2014-10-24 [9d78eb7](https://github.com/silverstripe/sapphire/commit/9d78eb7) Fix BasicAuth not resetting failed login counts on authentication (Damian Mooyman)
* 2014-10-16 [e4ddb4b](https://github.com/silverstripe/sapphire/commit/e4ddb4b) Ensure query string in X-Backurl is encoded (fixes #3563) (Loz Calver)
* 2014-08-25 [f823831](https://github.com/silverstripe/sapphire/commit/f823831) making minify javascript fail-safe (Igor Nadj)
* 2014-04-03 [5180452](https://github.com/silverstripe/sapphire/commit/5180452) Fixed handling of numbers in certain locales. Fixes #2161 (Damian Mooyman)
## Changelog
* [framework](https://github.com/silverstripe/silverstripe-framework/releases/tag/3.1.10)
* [cms](https://github.com/silverstripe/silverstripe-cms/releases/tag/3.1.10)
* [installer](https://github.com/silverstripe/silverstripe-installer/releases/tag/3.1.10)