Merge remote-tracking branch 'origin/3.0' into 3.1.5

Conflicts: dev/DevelopmentAdmin.php docs/en/changelogs/index.md tests/filesystem/FolderTest.php
2024-09-28 20:29:15 +02:00 · 2014-05-13 14:32:27 +12:00 · 2014-05-13 14:32:27 +12:00 · c492c5efda
commit c492c5efda
parent 96b086a843 d9c037bb69
4 changed files with 42 additions and 1 deletions
--- a/composer.json
+++ b/composer.json
@ -20,7 +20,7 @@
 		"composer/installers": "*"
 	},
 	"require-dev": {
-		"phpunit/PHPUnit": "~3.7"
+		"phpunit/PHPUnit": "~3.7@stable"
 	},
 	"autoload": {
 		"classmap": ["tests/behat/features/bootstrap"]	
--- a/docs/en/changelogs/3.0.11.md
+++ b/docs/en/changelogs/3.0.11.md
@ -0,0 +1,19 @@
+# 3.0.11
+
+Minor security release
+
+## Security
+
+ * 2014-04-16 [9d74bc4](https://github.com/silverstripe/sapphire/commit/9d74bc4) Potential DoS exploit in TinyMCE - See [announcement SS-2014-009](http://www.silverstripe.org/ss-2014-009-potential-dos-exploit-in-tinymce/)
+ * 2014-05-05 [9bfeffd](https://github.com/silverstripe/silverstripe-framework/commit/9bfeffd) Injection / Filesystem vulnerability in generatesecuretoken - See [announcement SS-2014-010](http://www.silverstripe.org/ss-2014-010-injection-filesystem-vulnerability-in-generatesecuretoken/)
+ * 2014-05-07 [0099a18](https://github.com/silverstripe/silverstripe-framework/commit/0099a18) Folder filename injection - See [announcement SS-2014-011](http://www.silverstripe.org/ss-2014-011-folder-filename-injection/)
+
+### Bugfixes
+
+ * 2013-06-20 [f2c4a62](https://github.com/silverstripe/sapphire/commit/f2c4a62) ConfirmedPasswordField used to expose existing hash (Hamish Friedlander)
+
+## Changelog
+
+ * [framework](https://github.com/silverstripe/silverstripe-framework/releases/tag/3.0.11)
+ * [cms](https://github.com/silverstripe/silverstripe-cms/releases/tag/3.0.11)
+ * [installer](https://github.com/silverstripe/silverstripe-installer/releases/tag/3.0.11)
--- a/docs/en/changelogs/index.md
+++ b/docs/en/changelogs/index.md
@ -12,6 +12,7 @@ For information on how to upgrade to newer versions consult the [upgrading](/ins
 * [3.1.4](3.1.4) - 8 April 2014
 * [3.1.0](3.1.0) - 1 October 2013

+ * [3.0.11](3.0.11) - 13 May 2014
 * [3.0.10](3.0.10) - 8 April 2014
 * [3.0.5](3.0.5) - 20 February 2013
 * [3.0.4](3.0.4) - 19 February 2013
@ -79,6 +80,8 @@ For information on how to upgrade to newer versions consult the [upgrading](/ins

 * [3.1.5-rc1](rc/3.1.5-rc1) - 7 May 2014
 * [3.1.4-rc1](rc/3.1.4-rc1) - 1 April 2014
+
+ * [3.0.11-rc1](rc/3.0.11-rc1) - 7 May 2014
 * [3.0.10-rc1](rc/3.0.10-rc1) - 1 April 2014
 * [3.0.6-rc1](rc/3.0.6-rc1) - 2013-08-08
 * [3.0.3-rc1](rc/3.0.3-rc1) - 6 November 2012
--- a/docs/en/changelogs/rc/3.0.11-rc1.md
+++ b/docs/en/changelogs/rc/3.0.11-rc1.md
@ -0,0 +1,19 @@
+# 3.0.11-rc1
+
+Minor security release
+
+## Security
+
+ * 2014-04-16 [9d74bc4](https://github.com/silverstripe/sapphire/commit/9d74bc4) Potential DoS exploit in TinyMCE - See [announcement SS-2014-009](http://www.silverstripe.org/ss-2014-009-potential-dos-exploit-in-tinymce/)
+ * 2014-05-05 [9bfeffd](https://github.com/silverstripe/silverstripe-framework/commit/9bfeffd) Injection / Filesystem vulnerability in generatesecuretoken - See [announcement SS-2014-010](http://www.silverstripe.org/ss-2014-010-injection-filesystem-vulnerability-in-generatesecuretoken/)
+ * 2014-05-07 [0099a18](https://github.com/silverstripe/silverstripe-framework/commit/0099a18) Folder filename injection - See [announcement SS-2014-011](http://www.silverstripe.org/ss-2014-011-folder-filename-injection/)
+
+### Bugfixes
+
+ * 2013-06-20 [f2c4a62](https://github.com/silverstripe/sapphire/commit/f2c4a62) ConfirmedPasswordField used to expose existing hash (Hamish Friedlander)
+
+## Changelog
+
+ * [framework](https://github.com/silverstripe/silverstripe-framework/releases/tag/3.0.11-rc1)
+ * [cms](https://github.com/silverstripe/silverstripe-cms/releases/tag/3.0.11-rc1)
+ * [installer](https://github.com/silverstripe/silverstripe-installer/releases/tag/3.0.11-rc1)