mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
63 lines
11 KiB
Markdown
63 lines
11 KiB
Markdown
# 3.3.2
|
|
|
|
<!--- Changes below this line will be automatically regenerated -->
|
|
|
|
## Change Log
|
|
|
|
### Security
|
|
|
|
* 2016-04-18 [3c0f2e8](https://github.com/silverstripe/silverstripe-framework/commit/3c0f2e8e11a1bead64d869854b9dfc0f80e7579a) Add CSFR protection to tree reorganise (Daniel Hensby) - See [ss-2015-029](http://www.silverstripe.org/download/security-releases/ss-2015-029)
|
|
* 2016-04-18 [a24c826](https://github.com/silverstripe/silverstripe-framework/commit/a24c8260b1d048dc6a0836eb1be9a1ca2056e770) Store current page IDs as ints (Daniel Hensby) - See [ss-2016-004](http://www.silverstripe.org/download/security-releases/ss-2016-004)
|
|
* 2016-04-18 [1ccd392](https://github.com/silverstripe/silverstripe-framework/commit/1ccd3926e3dcecaa5c1b4f26a390d9eacc24a893) Properly check backurl on CMSSecurity@success (Daniel Hensby) - See [ss-2016-001](http://www.silverstripe.org/download/security-releases/ss-2016-001)
|
|
* 2016-04-18 [f32c893](https://github.com/silverstripe/silverstripe-framework/commit/f32c893546340c8c279fd1ab6d4269e9d6539bc2) Apply brute force protection to default admin (Daniel Hensby) - See [ss-2016-005](http://www.silverstripe.org/download/security-releases/ss-2016-005)
|
|
* 2016-04-18 [a6bd22a](https://github.com/silverstripe/silverstripe-framework/commit/a6bd22ab2f3b11a054d20be13306a19089510989) dont disable XSS for login forms (Daniel Hensby) - See [ss-2016-006](http://www.silverstripe.org/download/security-releases/ss-2016-006)
|
|
* 2016-02-17 [faa94d5](https://github.com/silverstripe/silverstripe-framework/commit/faa94d51d570788dcebc2f2ef6e9de4d179ce1e4) Hostname, IP and Protocol Spoofing through HTTP Headers (Ingo Schommer) - See [ss-2016-003](http://www.silverstripe.org/download/security-releases/ss-2016-003)
|
|
* 2016-02-17 [37059eb](https://github.com/silverstripe/silverstripe-framework/commit/37059eb6b3546f304e9c031abca0f096ddb175c6) Hostname, IP and Protocol Spoofing through HTTP Headers (Ingo Schommer) - See [ss-2016-003](http://www.silverstripe.org/download/security-releases/ss-2016-003)
|
|
* 2016-02-17 [15d4db3](https://github.com/silverstripe/silverstripe-framework/commit/15d4db3b4a7dbc9a7e089f9329a396f8408ed7d9) Block unauthenticated access to dev/build/defaults (Damian Mooyman) - See [ss-2015-028](http://www.silverstripe.org/download/security-releases/ss-2015-028)
|
|
* 2016-02-17 [5d2fc0d](https://github.com/silverstripe/silverstripe-framework/commit/5d2fc0d7cac4ce686f7ae05c1a7b1ad8c01711a8) Block unauthenticated access to dev/build/defaults (Damian Mooyman) - See [ss-2015-028](http://www.silverstripe.org/download/security-releases/ss-2015-028)
|
|
* 2016-02-17 [013524a](https://github.com/silverstripe/silverstripe-framework/commit/013524af5069bb0cf909853f04418d9bef56d18c) Ensure Gridfield actions respect CSRF (Damian Mooyman) - See [ss-2016-002](http://www.silverstripe.org/download/security-releases/ss-2016-002)
|
|
* 2016-02-17 [e2c77c5](https://github.com/silverstripe/silverstripe-framework/commit/e2c77c5a8f13e901c51a3684210811559b592f0c) Ensure Gridfield actions respect CSRF (Damian Mooyman) - See [ss-2016-002](http://www.silverstripe.org/download/security-releases/ss-2016-002)
|
|
|
|
### Bugfixes
|
|
|
|
* 2016-05-01 [2a5ba39](https://github.com/silverstripe/silverstripe-framework/commit/2a5ba397e61b0c23fcc866bcd088876586ca8a3c) Fix SS_HTTPResponse being cast as string (#5413) (Damian Mooyman)
|
|
* 2016-04-24 [fde6376](https://github.com/silverstripe/silverstripe-framework/commit/fde6376996dbaba31601065869c60676845eeb85) Admin bloacklisted messages using correct $.inArray check (Daniel Hensby)
|
|
* 2016-04-12 [36283b8](https://github.com/silverstripe/silverstripe-framework/commit/36283b86d5305cc2c5d4823e54972cd301978389) Stop "success" message showing in CMS (Daniel Hensby)
|
|
* 2016-04-11 [707aa14](https://github.com/silverstripe/silverstripe-framework/commit/707aa14c6ceb98b1a9b2f911d9f6520d32b3fa55) for #5299 Adding <code> blocks to Injector documentation. (Patrick Nelson)
|
|
* 2016-04-07 [000bf09](https://github.com/silverstripe/silverstripe-cms/commit/000bf0935447e49b94faee1733cb09accd2042fc) for #1447 to ensure proper type-safe checking of file_put_contents() in ErrorPage->writeStaticPage() (Patrick Nelson)
|
|
* 2016-04-01 [9d9c572](https://github.com/silverstripe/silverstripe-framework/commit/9d9c572cf819e9186b3bf386f5a9959c7508286c) for #5251 to address minor URL decoding/parsing bug. (Patrick Nelson)
|
|
* 2016-03-31 [6ec2656](https://github.com/silverstripe/silverstripe-framework/commit/6ec26562019454483db79132a5c076cfa87dfe34) fix ErrorControlChain causing errors to be displayed if display_errors in php.ini is false (Damian Mooyman)
|
|
* 2016-03-28 [aeb4aa9](https://github.com/silverstripe/silverstripe-framework/commit/aeb4aa9565dfcd251f527362518e5c8be1df7e02) Dont allow plain text friendly errors (Daniel Hensby)
|
|
* 2016-03-27 [5ede516](https://github.com/silverstripe/silverstripe-framework/commit/5ede516c771055d09a1578e1598ac0ec58a28f5e) GridField::FieldHolder() should not attempt to parse shortcodes (fixes #5129) (Loz Calver)
|
|
* 2016-03-21 [9d62d9d](https://github.com/silverstripe/silverstripe-cms/commit/9d62d9d3818d6acfc08a98b5e0fcaf255295f70f) Link tracking not escaping `#` Fixes #1409 (Daniel Hensby)
|
|
* 2016-03-21 [5f8356d](https://github.com/silverstripe/silverstripe-framework/commit/5f8356d6868be9035c4b2a4d00d04c14ab34e4e4) Fix File::getRelativePath() failing if parent folder is renamed (Damian Mooyman)
|
|
* 2016-03-20 [283885f](https://github.com/silverstripe/silverstripe-framework/commit/283885f0915154913b681e62bc04414e3a092fbf) tab wrapping (Jonathon Menz)
|
|
* 2016-03-18 [ada1206](https://github.com/silverstripe/silverstripe-framework/commit/ada12066f3cfefd76d9354b24dde93e7168ce5ad) Autocomplete loading spinner now showing (Daniel Hensby)
|
|
* 2016-03-18 [add2ecd](https://github.com/silverstripe/silverstripe-framework/commit/add2ecdf8bb977a0234cf773b578eae9872a0d28) Parameter tokens now redirect to correct url if mod_rewrite is off (Daniel Hensby)
|
|
* 2016-03-18 [57cfe3c](https://github.com/silverstripe-labs/silverstripe-reports/commit/57cfe3c66a5d67e88bbb1d4150329c6d4841f683) Bad joining of links in reports (Daniel Hensby)
|
|
* 2016-03-10 [bc31d9c](https://github.com/silverstripe/silverstripe-cms/commit/bc31d9ca9c667ba9015e35d5eae20158056a7b7c) Use `Controller::join_links()` in Reports (Daniel Hensby)
|
|
* 2016-03-08 [0364204](https://github.com/silverstripe/silverstripe-cms/commit/036420470da5def5c8e45c94601d3494273d476c) Incorrect title attribute on CMS tabs (Loz Calver)
|
|
* 2016-03-07 [aa57427](https://github.com/silverstripe/silverstripe-framework/commit/aa57427874f0115c2c188dfc821ba09bf467d241) Don't install imagick on php 5.3 (Damian Mooyman)
|
|
* 2016-03-07 [86b1c8f](https://github.com/silverstripe/silverstripe-framework/commit/86b1c8fc2849e8f65f473286a3b2d09f4b76eaf7) file sync removes folders with dot in name (Jonathon Menz)
|
|
* 2016-03-07 [6a22454](https://github.com/silverstripe/silverstripe-framework/commit/6a2245474d0d6c13d52a9a5104ac8ac3e8fd68a2) Fix FulltextsearchEnable (Damian Mooyman)
|
|
* 2016-03-01 [2079844](https://github.com/silverstripe/silverstripe-framework/commit/2079844647e8422e600cb7c820e624a0a108bd07) fixes "Uncaught ImagickException: Can not process empty Imagick object" when deleting an image (Ryan McLaren)
|
|
* 2016-03-01 [817b836](https://github.com/silverstripe/silverstripe-framework/commit/817b83687028894574ba5a8e8ee8f3af21f23188) getIP from behind a load-balancer that adds many IPs to the header (Daniel Hensby)
|
|
* 2016-02-26 [bd48d89](https://github.com/silverstripe/silverstripe-framework/commit/bd48d89642a259e0a4c93ab2a686bc45b2ac3bc4) undeclared constant issue (Daniel Hensby)
|
|
* 2016-02-26 [c2a0e89](https://github.com/silverstripe/silverstripe-framework/commit/c2a0e8945f6f2bc2ff8bd4013c16195cf6d7b940) undeclared constant issue (Daniel Hensby)
|
|
* 2016-02-26 [99ca2aa](https://github.com/silverstripe/silverstripe-framework/commit/99ca2aa23d7107ac615f6752f473502fe7524ba0) Fix regressions in missing CSRF on print button (Damian Mooyman)
|
|
* 2016-02-26 [cc95703](https://github.com/silverstripe/silverstripe-framework/commit/cc95703b18187b3940f02380f8e5667d61345660) Fix regressions in missing CSRF on print button (Damian Mooyman)
|
|
* 2016-02-26 [320c833](https://github.com/silverstripe/silverstripe-framework/commit/320c833fa1573b35a0a48ff0052bd7f63844c54f) Fix regressions in missing CSRF on print button (Damian Mooyman)
|
|
* 2016-02-25 [f7cacca](https://github.com/silverstripe/silverstripe-framework/commit/f7caccaa7a3de7a38732e2c309253df759ce1b3f) Fix regression in gridfield get actions (Damian Mooyman)
|
|
* 2016-02-25 [3dc0d0e](https://github.com/silverstripe/silverstripe-framework/commit/3dc0d0ee89cba6b780c8770a94490c60a5b52745) Fix regression in gridfield get actions (Damian Mooyman)
|
|
* 2016-02-25 [b0ad86b](https://github.com/silverstripe/silverstripe-framework/commit/b0ad86bf8f34115173e03bfc657c5bbb52e6a7c0) Fix regression in gridfield get actions (Damian Mooyman)
|
|
* 2016-02-22 [65a0981](https://github.com/silverstripe/silverstripe-framework/commit/65a0981c0895bd92bcc020ef433b04e0de6ab05c) Correct behaviour of publish with $createNewVersion = true (Damian Mooyman)
|
|
* 2016-02-16 [644c807](https://github.com/silverstripe/silverstripe-cms/commit/644c8070311e82d35c39c6e1f0d37cc8aba53665) Use correct formaction for doRollback exemption #1378 (Andrew Aitken-Fincham)
|
|
* 2016-02-15 [8771859](https://github.com/silverstripe/silverstripe-framework/commit/87718597e8f04872c285808d0666fbb69c5100ba) "where" method in SQLUpdate Example (Richard Rudy)
|
|
* 2016-02-05 [0c252af](https://github.com/silverstripe/silverstripe-framework/commit/0c252af3340057261a03fdecae8ac6f888292f12) Fixed issue #5002 DatetimeField styles in the new filter panel (UndefinedOffset)
|
|
* 2016-01-28 [3fcf1e2](https://github.com/silverstripe/silverstripe-framework/commit/3fcf1e2c98629dcd0048ff9447bad4cd30b4bf95) edge case on many many extra fields (fixes 4991) (Mark Stephens)
|
|
* 2016-01-28 [7226524](https://github.com/silverstripe/silverstripe-framework/commit/7226524eb279bcb40185bde3dd298dc4bb6b6667) Fix invalid sv translation yml (Damian Mooyman)
|
|
* 2016-01-27 [3d0178e](https://github.com/silverstripe/silverstripe-cms/commit/3d0178ebc0b7408442ad2532f998ed47839e7117) Use correct formaction for doRollback exemption (Damian Mooyman)
|
|
* 2016-01-27 [361c9a0](https://github.com/silverstripe/silverstripe-framework/commit/361c9a03fe62431ea9f3fda200df80470334835f) removing hardcoded target _blank for tinymce file links (Ben Manu)
|
|
* 2016-01-24 [d8e354d](https://github.com/silverstripe/silverstripe-framework/commit/d8e354d144383fb6459adf92731853d2e54268d6) PHPDocs on DataList::getIDList() and UnsavedRelationList::getIDList() (Damian Mooyman)
|
|
* 2015-01-08 [adf0f10](https://github.com/silverstripe/silverstripe-framework/commit/adf0f102cc7a04cf8fcac8743801d48214118cad) Fixes CMS errors when viewing history on "Deleted" pages. (Russell Michell)
|