Commit Graph

23044 Commits

Author SHA1 Message Date
Guy Sartorelli
e5b81109de
Merge pull request #10584 from creative-commoners/pulls/4.11/cve-2022-38462
Don't allow CRLF in header values
2022-11-21 13:02:25 +13:00
Guy Sartorelli
b17b29eea1
Merge pull request #10583 from creative-commoners/pulls/4.11/cve-2022-38724-embed-shortcode
Restrict embed shortcode attributes
2022-11-21 13:01:23 +13:00
Daniel Hensby
bb5b093004
Merge pull request #10578 from MadeHQ/4.11
Prevent infinite loop when getting table name for ComponentID
2022-11-10 21:49:03 +00:00
Lee Bradley
78b661dcf6
Prevent infinite loop when getting table name for ComponentID
If the field isn't in the first 2 classes then would just continue to loop
Fix means it will continue going to parent classes

Can be seen in the UsedOnTable in `admin` module if you have injected a new `Image` class that extends the built in one
2022-11-10 14:00:29 +00:00
Guy Sartorelli
e53380ce89
Merge pull request #10576 from creative-commoners/pulls/4.11/use-blowfish
MNT Explicitly test with blowfish
2022-11-10 17:18:20 +13:00
Steve Boyd
49e637d244 MNT Explicitly test with blowfish 2022-11-10 11:36:56 +13:00
Michal Kleiner
27eb390d2b
Merge pull request #10560 from creative-commoners/pulls/4.11/default-admin-encryption 2022-10-27 14:48:52 +13:00
Steve Boyd
a3c1cb0ddf
ENH Set PasswordEncryption on default admin 2022-10-27 13:57:27 +13:00
Guy Sartorelli
168ca00555
[CVE-2022-38724] Restrict embed shortcode attributes 2022-10-26 09:31:12 +13:00
Michal Kleiner
0c207c3079
Merge pull request #10555 from creative-commoners/pulls/4.11/inject-objects 2022-10-19 21:07:48 +13:00
Steve Boyd
e3a6cad8a8 FIX Allow passing objects to InjectionCreator::create()
Co-authored-by: Nate Devereux <nate@daveclark.co.nz>
2022-10-19 18:04:48 +13:00
Guy Sartorelli
0b80643210
Merge pull request #10522 from creative-commoners/pulls/4.11/backport-textcollector-fix
Fix i18nTextCollector produces corrupt output / namespaces when runni…
2022-09-29 14:42:39 +13:00
Christian Bünte
e24fb3f86c
Fix i18nTextCollector produces corrupt output / namespaces when running under PHP8.0 (#10228)
* FIX i18nTextCollector produces corrupt output / namespaces when running under PHP8.0
2022-09-29 13:40:40 +13:00
Guy Sartorelli
b36c987eef
Merge pull request #10519 from lekoala/patch-30
request may not have a session
2022-09-29 09:05:12 +13:00
Thomas Portelange
54892fa267
request may not have a session
see https://github.com/silverstripe/silverstripe-framework/pull/10512
2022-09-28 10:44:13 +02:00
Michal Kleiner
b80309093c
Merge pull request #10516 from creative-commoners/pulls/4.11/override-named-extension 2022-09-27 23:43:52 +13:00
Guy Sartorelli
4a598ded51
FIX Allow removing named extensions in yaml config 2022-09-27 13:15:28 +13:00
Guy Sartorelli
7e9ced0824
Merge pull request #10470 from creative-commoners/pulls/4.11/case-insensitive-casting
FIX Normalise casing before casting fields
2022-09-08 12:45:09 +12:00
Guy Sartorelli
d3c28579b7
[CVE-2022-38462] Don't allow CRLF in header values 2022-09-07 11:22:07 +12:00
Guy Sartorelli
6d885ab894
FIX Normalise casing before casting fields 2022-08-25 17:36:06 +12:00
Guy Sartorelli
a7c8ce8d0c
Merge pull request #10432 from creative-commoners/pulls/4.11/remove-travis
MNT Remove travis
2022-08-03 12:29:56 +12:00
Steve Boyd
befc202dec MNT Remove travis 2022-08-03 12:07:37 +12:00
Steve Boyd
fc029b96ed Merge branch '4.10' into 4.11 2022-08-02 18:24:24 +12:00
Guy Sartorelli
55b23d0c9f
Merge pull request #10429 from creative-commoners/pulls/4.10/standardise-modules
MNT Standardise modules
2022-08-02 15:00:00 +12:00
Guy Sartorelli
051e74a289
Merge pull request #10430 from kinglozzer/backtrace
FIX: Invalid argument warning in backtrace
2022-08-01 20:42:47 +12:00
Loz Calver
6b15bd6dd4 FIX: Invalid argument warning in backtrace 2022-08-01 09:08:52 +01:00
Steve Boyd
44b2058fbc MNT Standardise modules 2022-08-01 10:05:19 +12:00
Steve Boyd
b24c289892 Merge branch '4.10' into 4.11 2022-07-28 14:05:07 +12:00
Guy Sartorelli
dcadb9acb1
Merge pull request #10426 from creative-commoners/pulls/4.10/mb3
MNT Update Utf8TestHelper for MySQL 8.0.30
2022-07-28 13:52:17 +12:00
Steve Boyd
bdf7d09144 MNT Update Utf8TestHelper for MySQL 8.0.30 2022-07-28 13:21:23 +12:00
Guy Sartorelli
0a58a443f3
Merge pull request #10422 from creative-commoners/pulls/4.11/revert-skiptest
MNT No longer mark tests as skipped if running mysql 8
2022-07-26 15:58:11 +12:00
Steve Boyd
ce46e2da47 MNT No longer mark tests as skipped if running mysql 8 2022-07-26 13:54:10 +12:00
Guy Sartorelli
92d8180c69
Merge pull request #10420 from creative-commoners/pulls/4.11/ignore-test
MNT Skip test if Page class missing
2022-07-25 17:06:48 +12:00
Steve Boyd
24daf3ae83 MNT Skip test if Page class missing 2022-07-25 16:35:28 +12:00
Steve Boyd
f6693d4ea5 Merge branch '4.10' into 4.11 2022-07-22 11:20:22 +12:00
Guy Sartorelli
5a91cfca8a
Merge pull request #10416 from creative-commoners/pulls/4.10/backport-ci
MNT Add GitHub Actions CI
2022-07-22 11:18:17 +12:00
Steve Boyd
5eb8d3e25f MNT Skip test in MySQL8 2022-07-22 11:16:32 +12:00
Steve Boyd
dd210e0f84
FIX Check if blank method passed (#10417) 2022-07-21 15:49:48 +12:00
Steve Boyd
674e6d9b7b MNT Update utf8 aliases for mysql 8 and mariadb 10.6 2022-07-21 15:19:16 +12:00
Steve Boyd
9db1cd056e MNT Add GitHub Actions CI 2022-07-21 14:44:02 +12:00
Steve Boyd
c0e8a21acf Merge branch '4.10' into 4.11 2022-07-08 17:13:03 +12:00
Guy Sartorelli
cc3ec577ed
MNT Remove scrutinizer config. (#10396) 2022-07-08 16:44:50 +12:00
Guy Sartorelli
3cad03357a
Merge pull request #10384 from creative-commoners/pulls/4.11/remove-wrong-message
FIX Unexpected message issue
2022-07-08 13:20:11 +12:00
Michal Kleiner
f2abba8e9e
Merge pull request #10387 from kinglozzer/10386-form-attributes
FIX Add missing casting for Form::getAttributesHTML (fixes #10386)
2022-07-05 01:39:35 +12:00
Loz Calver
9b45342a06 FIX: Add missing casting for Form::getAttributesHTML (fixes #10386) 2022-07-04 12:24:58 +01:00
Steve Boyd
55c3e24a50 Merge branch '4.10' into 4.11 2022-07-04 21:02:23 +12:00
Guy Sartorelli
8a314a90e7
Merge pull request #10385 from silverstripe/pulls/4.10/pdo
FIX PDO in PHP 8
2022-07-04 18:24:10 +12:00
Sabina Talipova
babc811381 FIX Remove unexpected message 2022-07-04 16:05:57 +12:00
Steve Boyd
5a940b0f14 FIX PDO in PHP 8 2022-07-04 15:08:52 +12:00
Brandon Iffert
ad83b78a10
FIX Handle null values passed to PDO::quote() (#10383) 2022-07-04 13:17:51 +12:00