diff --git a/docs/en/04_Changelogs/rc/3.6.3-rc2.md b/docs/en/04_Changelogs/rc/3.6.3-rc2.md new file mode 100644 index 000000000..8889b2951 --- /dev/null +++ b/docs/en/04_Changelogs/rc/3.6.3-rc2.md @@ -0,0 +1,34 @@ +# 3.6.3-rc2 + + + +## Change Log + +### Security + + * 2017-11-30 [6ba00e829]() Prevent disclosure of sensitive information via LoginAttempt (Damian Mooyman) - See [ss-2017-009](http://www.silverstripe.org/download/security-releases/ss-2017-009) + * 2017-11-30 [db54112f3]() user agent invalidation on session startup (Damian Mooyman) - See [ss-2017-006](http://www.silverstripe.org/download/security-releases/ss-2017-006) + * 2017-11-29 [22ccf3e2f]() Ensure xls formulae are safely sanitised on output (Damian Mooyman) - See [ss-2017-007](http://www.silverstripe.org/download/security-releases/ss-2017-007) + * 2017-11-21 [0f2049d4d]() SQL injection in search engine (Daniel Hensby) - See [ss-2017-008](http://www.silverstripe.org/download/security-releases/ss-2017-008) + +### Bugfixes + + * 2017-12-05 [8477de15](https://github.com/silverstripe/silverstripe-siteconfig/commit/8477de15203c4c80ca55365200fa3c7c031d70d8) Remove unused Behat tests from 3.6 branch (Robbie Averill) + * 2017-11-30 [84d7afb34]() Use baseDataClass for allVersions as with other methods (Daniel Hensby) + * 2017-11-24 [09a003bc1]() deprecated usage of getMock in unit tests (Daniel Hensby) + * 2017-11-23 [2ad3cc07d]() Update meber passwordencryption to default on password change (Daniel Hensby) + * 2017-11-22 [ef6d86f2c]() Allow lowercase and uppercase delcaration of legacy Int class (Daniel Hensby) + * 2017-11-16 [dda14e895]() HTTP::get_mime_type with uppercase filenames. (Roman Schmid) + * 2017-11-16 [52f0eadd3]() for #7606: Ensure the object we're handling is actually an Image instance before calling methods specific to that class (e.g. in case of using SVG's in <img> tag which may be File instances). (Patrick Nelson) + * 2017-11-15 [ce3fd370f]() ManyMany link table joined with LEFT JOIN (Daniel Hensby) + * 2017-11-09 [1053de7ec]() Don't redirect in force_redirect() in CLI (Damian Mooyman) + * 2017-10-25 [cbac37559]() Helpful warning when phpunit bootstrap appears misconfigured (Daniel Hensby) + * 2017-10-25 [32cef975e]() Use self::inst() for Injector/Config nest methods (Daniel Hensby) + * 2017-10-19 [a73d5b41](https://github.com/silverstripe/silverstripe-cms/commit/a73d5b4177be445128a6fa42e20dd8df13eaf554) revert to this button after archiving (Christopher Joe) + * 2017-10-12 [fd39faee](https://github.com/silverstripe/silverstripe-cms/commit/fd39faeefd5241cf96313e968142183de767c51b) UploadField overwriteWarning isn't working in AssetAdmin (Jason) + * 2017-10-09 [264cec123]() Dont use var_export for cache key generation as it fails on circular references (Daniel Hensby) + * 2017-10-04 [24e190ea](https://github.com/silverstripe/silverstripe-cms/commit/24e190ea8265d16445a3210f7b06de191e474004) TreeDropdownField showing broken page icons (fixes silverstripe/silverstripe-framework#7420) (Loz Calver) + * 2017-09-12 [0aac4ddb](https://github.com/silverstripe/silverstripe-cms/commit/0aac4ddb7ecf0f17eda8add235017c10c9f57255) Default LoginForm generated from default_authenticator (Daniel Hensby) + * 2017-08-13 [2f579b64c]() Files without extensions (folders) do not have a trailing period added (Robbie Averill) + * 2017-07-04 [00f1ad5d6]() Fixes #7116 Improves server requirements docs viz: OpCaches. (Russell Michell) + * 2016-03-20 [805c38f10]() don't try and switch out of context of the tab system (Stevie Mayhew)