Commit Graph

21458 Commits

Author SHA1 Message Date
Dan Hensby
85b37999be
Merge branch '4.3' into 4.4 2020-04-27 09:52:52 +01:00
Dan Hensby
e328d6f0d9
Merge branch '4.2' into 4.3 2020-04-27 09:51:24 +01:00
Robbie Averill
8180aa508c
Merge pull request #9497 from dhensby/pulls/bigint-rename
Rename DBBigint.php for composer autoloading compatability
2020-04-24 16:51:33 -07:00
Dan Hensby
b9f8ab44ac
Rename DBBigint.php for composer autoloading compatability 2020-04-24 23:15:42 +01:00
Serge Latyntcev
cf898a2672 Merge branch '4.3' into 4.4 2020-04-15 14:47:59 +12:00
Maxime Rainville
1fe6255f9b Merge tag '4.4.6' into 4.4
Release 4.4.6
2020-04-14 14:13:59 +12:00
Steve Boyd
0f7fd35926
Merge pull request #9458 from creative-commoners/pulls/4/doc-versioned-file-migration
DOC CMS 3.x file migration section about versioned files
2020-04-14 11:31:43 +12:00
Maxime Rainville
092acc7112 Added 4.4.6 changelog 2020-04-14 10:59:19 +12:00
Serge Latyntcev
eaa69530be DOC CMS 3.x file migration section about versioned files 2020-04-14 10:53:21 +12:00
Serge Latyntcev
b269d87490 BUG Register new sub tasks to fix files affected by CVE-2020-9280 and CVE-2019-12245 2020-04-13 17:16:57 +12:00
Maxime Rainville
4b0345bee7 DOC Explain how to use the new file migation sub tasks in the 4.4.6/4.5.2 changelogs 2020-04-13 17:16:29 +12:00
Steve Boyd
2e875a04ae
Merge pull request #9381 from webbuilders-group/bugfix-timefield-readonly
BUGFIX: Fixed issue where TimeField_Readonly would only show "(not set)"
2020-03-06 10:38:57 +13:00
UndefinedOffset
bba0f2f72f
BUGFIX: Fixed issue where TimeField_Readonly would only show "(not set)" instead of the value 2020-02-24 09:59:00 -04:00
Serge Latyntsev
91f091f418
Merge pull request #9410 from blueo/patch-1
Update CVE number to CVE-2019-19325
2020-02-19 10:15:52 +13:00
Bernard Hamlin
765810b013
Update CVE number to CVE-2019-19325 2020-02-19 09:58:12 +13:00
Maxime Rainville
a9598eec3f Added 4.4.5 changelog 2020-02-17 14:02:57 +13:00
Maxime Rainville
0a9866c087 Update translations 2020-02-17 14:01:02 +13:00
Maxime Rainville
49fda52b12
Merge pull request #94 from silverstripe-security/fix/cve-2019-19325
CVE-2019-1935
2020-02-17 12:54:40 +13:00
Serge Latyntcev
ad1b00ec7d [CVE-2019-19325] XSS through non-scalar FormField attributes
Silverstripe Forms allow malicious HTML or JavaScript to be inserted
through non-scalar FormField attributes, which allows performing XSS (Cross-Site Scripting)
on some forms built with user input (Request data). This can lead to phishing attempts
to obtain a user's credentials or other sensitive user input.
There is no known attack vector for extracting user-session information or credentials automatically,
it required a user to fall for the phishing attempt.
XSS can also be used to modify the presentation of content in malicious ways.
2020-02-17 09:58:29 +13:00
Steve Boyd
8dcaed25f4
Merge pull request #9386 from silverstripe-terraformers/feature/orm-column
ORM bugfix and enhancement
2020-02-11 15:56:03 +13:00
Mojmir Fendek
285e6caafa PR fixes 2020-02-11 10:43:01 +13:00
Mojmir Fendek
448147c2f1 PR fixes 2020-02-10 09:17:34 +13:00
Mojmir Fendek
660f80d284 PR fixes 2020-02-07 13:49:19 +13:00
Mojmir Fendek
99786dda22 ORM Column now supports related table lookup 2020-01-28 15:46:30 +13:00
Robbie Averill
26e3b6f4e3 Merge branch '4.3' into 4.4 2020-01-16 19:59:24 -08:00
Robbie Averill
7c1a0571f7
Merge pull request #9367 from martinduparc/patch-2
array_key_exists() on objects is deprecated in PHP 7.4
2020-01-14 09:39:49 -08:00
Martin D
ec6a353543 array_key_exists() on objects is deprecated
Ref: https://wiki.php.net/rfc/deprecations_php_7_4#array_key_exists_with_objects
2020-01-14 09:22:49 -08:00
Stevie Mayhew
92acc764f7
Merge pull request #9327 from kinglozzer/9259-session-restart
FIX: Session::restart() didn't correctly restart session (fixes #9259)
2019-11-21 11:52:36 +13:00
Loz Calver
453945da14 FIX: Session::restart() didn't correctly restart session (fixes #9259) 2019-11-20 14:21:30 +00:00
Serge Latyntcev
8219491705 Merge branch '4.3' into 4.4 2019-11-20 11:08:35 +13:00
Robbie Averill
bd658ca745
Merge pull request #9305 from tractorcow/pulls/4.3/action-title
BUG FormAction title property cannot be set if useButtonTag is false
2019-11-14 09:06:46 -08:00
Guy Marriott
44b9e331f6
Ensure Requirements_Backend respects explicit false for async/d… (#9309)
Ensure Requirements_Backend respects explicit false for async/defer
2019-10-29 14:37:32 -07:00
Michal Kleiner
4f614423ad Ensure Requirements_Backend respects explicit false for async/defer 2019-10-30 09:59:57 +13:00
Damian Mooyman
e76601e5c8
BUG FormAction title property cannot be set if useButtonTag is false 2019-10-29 17:21:45 +13:00
Serge Latyntcev
0cf5d4cbe2 Merge branch '4.3' into 4.4 2019-10-18 15:58:13 +13:00
Serge Latyntsev
c7597ad265
Merge pull request #9293 from open-sausages/pulls/4.3/psr2-fix
PSR2 linting fixes
2019-10-18 15:52:06 +13:00
Serge Latyntcev
46b9530d88 PSR2 linting fixes 2019-10-18 15:31:39 +13:00
Serge Latyntcev
dcbe6d0310 Merge branch '4.3' into 4.4 2019-10-18 10:57:35 +13:00
Robbie Averill
db2aa38228
Merge pull request #9277 from tractorcow/pulls/4.4/respect-can-create
BUG Ensure that canCreate() context matches that respected by GridFieldAddNewButton
2019-10-03 18:21:43 -07:00
Damian Mooyman
d7752b7945
Run PSR2 Lint cleaner 2019-10-04 13:26:31 +13:00
Serge Latyntsev
71f810516c
Merge pull request #9275 from open-sausages/pulls/4.3/obfuscated-email-names
FIX DebugViewFrendlyErrorFormatter handle of admin_email
2019-10-04 11:27:17 +13:00
Damian Mooyman
f1594fd991 BUG Ensure that canCreate() context matches that respected by GridFieldAddNewButton 2019-10-04 11:24:34 +13:00
Robbie Averill
1265f09f4f
Merge pull request #9271 from michalkleiner/pulls/4/check-array-props-in-custom-methods
FIX Check array keys existence when removing methods in CustomMethods
2019-10-03 14:30:22 -07:00
Serge Latyntcev
7db524bd90 FIX DebugViewFrendlyErrorFormatter handle of admin_email 2019-10-04 10:26:54 +13:00
Michal Kleiner
1a2dbfd3a5
Update conditional logic when checking array keys before removing methods in CustomMethods 2019-09-30 10:17:59 +13:00
Michal Kleiner
52a039f631 Check array keys existence prior to their usage when removing methods in CustomMethods 2019-09-27 14:57:15 +12:00
Serge Latyntcev
50a1aa4c4d Merge branch '4.3' into 4.4 2019-09-24 17:28:31 +12:00
Aaron Carlino
a0ec2f2811 Update translations 2019-09-24 17:26:37 +12:00
Serge Latyntcev
26a4fb38ba Added 4.3.6 changelog 2019-09-24 17:20:48 +12:00
Aaron Carlino
79a89e751d Added 4.4.4 changelog 2019-09-24 17:05:26 +12:00