mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
Include announcement links for security fixes
This commit is contained in:
parent
cf2a314a50
commit
9230d41186
@ -1,23 +1,25 @@
|
|||||||
# 3.0.10-rc1
|
# 3.0.10-rc1
|
||||||
|
|
||||||
## Overview
|
|
||||||
|
|
||||||
* General: [Rewrote usages of error suppression operator](https://github.com/silverstripe/silverstripe-framework/commit/6d5d3d8cb7e69e0b37471b1e34077211b0f631fe)
|
|
||||||
* Security: [BUG Fix issue with versioned dataobjects being cached between stages](https://github.com/silverstripe/silverstripe-framework/commit/4415a75d9304a3930b9c28763fc092299640c685)
|
|
||||||
* Security: [BUG Fix encoding of JS redirection script](https://github.com/silverstripe/silverstripe-framework/commit/f8e3bbe3ae3f29f22d85abb73cea033659511168)
|
|
||||||
* Security: [FIX Prevent SQLi when no URL filters are applied](https://github.com/silverstripe/silverstripe-cms/commit/114df8a3a5e4800ef7586c5d9c8d79798fd2a11d)
|
|
||||||
* Security: [FIX Do now allow arbitary class creation in CMS](https://github.com/silverstripe/silverstripe-cms/commit/bf9b22fd4331a6f78cec12a75262f570b025ec2d)
|
|
||||||
|
|
||||||
## Upgrading
|
## Upgrading
|
||||||
|
|
||||||
* If relying on partial caching of content between logged in users, be aware that the cache is now automatically
|
* If relying on partial caching of content between logged in users, be aware that the cache is now automatically
|
||||||
segmented based on both the current member ID, and the versioned reading mode. If this is not an appropriate
|
segmented based on both the current member ID, and the versioned reading mode. If this is not an appropriate
|
||||||
method (such as if the same content is served to logged in users within partial caching) then it is necessary
|
method (such as if the same content is served to logged in users within partial caching) then it is necessary
|
||||||
to adjust the config value of `SSViewer::global_key` to something more or less sensitive.
|
to adjust the config value of `SSViewer.global_key` to something more or less sensitive.
|
||||||
|
|
||||||
|
## Security
|
||||||
|
|
||||||
|
* [BUG Fix issue with versioned dataobjects being cached between stages](https://github.com/silverstripe/silverstripe-framework/commit/4415a75d9304a3930b9c28763fc092299640c685) - See [announcement SS-2014-007](http://www.silverstripe.org/ss-2014-007-confidentiality-breach-can-occur-between-draft-and-live-modes/)
|
||||||
|
* [BUG Fix encoding of JS redirection script](https://github.com/silverstripe/silverstripe-framework/commit/f8e3bbe3ae3f29f22d85abb73cea033659511168) - See [announcement SS-2014-006](http://www.silverstripe.org/ss-2014-006-xss-in-returnurl-redirection/)
|
||||||
|
* [FIX Prevent SQLi when no URL filters are applied](https://github.com/silverstripe/silverstripe-cms/commit/114df8a3a5e4800ef7586c5d9c8d79798fd2a11d) - See [announcement SS-2014-004](http://www.silverstripe.org/ss-2014-004-sql-injection-in-sitetree-with-custom-urlsegmentfilter-rules/)
|
||||||
|
* [FIX Do now allow arbitary class creation in CMS](https://github.com/silverstripe/silverstripe-cms/commit/bf9b22fd4331a6f78cec12a75262f570b025ec2d) - See [announcement SS-2014-005](http://www.silverstripe.org/ss-2014-005-arbitrary-class-creation-in-cms-backend/)
|
||||||
|
|
||||||
|
## General
|
||||||
|
|
||||||
|
* [Rewrote usages of error suppression operator](https://github.com/silverstripe/silverstripe-framework/commit/6d5d3d8cb7e69e0b37471b1e34077211b0f631fe)
|
||||||
|
|
||||||
## Changelog
|
## Changelog
|
||||||
|
|
||||||
* [framework](https://github.com/silverstripe/silverstripe-framework/releases/tag/3.0.10-rc1)
|
* [framework](https://github.com/silverstripe/silverstripe-framework/releases/tag/3.0.10-rc1)
|
||||||
* [cms](https://github.com/silverstripe/silverstripe-framework/releases/tag/3.0.10-rc1)
|
* [cms](https://github.com/silverstripe/silverstripe-cms/releases/tag/3.0.10-rc1)
|
||||||
* [installer](https://github.com/silverstripe/silverstripe-framework/releases/tag/3.0.10-rc1)
|
* [installer](https://github.com/silverstripe/silverstripe-installer/releases/tag/3.0.10-rc1)
|
||||||
|
Loading…
Reference in New Issue
Block a user