silverstripe-framework/docs/en/04_Changelogs/2.3.7.md

12 lines
778 B
Markdown

# 2.3.7 (2010-03-18)
## Changelog
### Bugfixes
* [rev:101229] Don't delete index.php after successful installation - in ContentController->deleteinstallfiles(). URL routing might rely on it without mod_rewrite.
* [rev:101229] Require ADMIN permissions for ContentController->deleteinstallfiles() - together with retaining index.php this removed a vulnerability where unauthenticated users can disrupt mod_rewrite-less URL routing. (from r101227)
* [rev:100744] Fixing Member_ProfileForm to validate for existing members via Member_Validator to avoid CMS users to switch to another existing user account by using their email address (from r100704) (from r100717)
Created with:
<code>./sscreatechangelog --version 2.3.7 --branch branches/2.3 --stopbranch tags/2.3.6</code>