Added 3.0.14 changelog

This commit is contained in:
Damian Mooyman 2015-05-28 19:20:23 +12:00
parent c14e7f6b76
commit 01255c109b

View File

@ -0,0 +1,12 @@
# 3.0.14
# Overview
This release includes a fix for flush or isDev querystring parameters
to be set via unauthenticated requests, as well as some other minor security fixes.
### Security
* 2015-05-22 [cb6717c](https://github.com/silverstripe/sapphire/commit/cb6717c) Fix handling of empty parameter token (Damian Mooyman) - See [ss-2015-014](http://www.silverstripe.org/software/download/security-releases/ss-2015-014)
* 2015-05-25 [c14e7f6](https://github.com/silverstripe/sapphire/commit/c14e7f6) Fix malformed urls redirecting to external sites (Damian Mooyman) - See [ss-2015-012](http://www.silverstripe.org/software/download/security-releases/ss-2015-012)
* 2015-05-22 [5f6ac27](https://github.com/silverstripe/sapphire/commit/5f6ac27) Bug fix sqlquery select (Damian Mooyman) - See [ss-2015-011](http://www.silverstripe.org/software/download/security-releases/ss-2015-011)