mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
4.3 KiB
4.3 KiB
3.2.6
Change Log
Security
- 2016-11-11 4440b88 Form@httpSubmission will no longer load submitted data to disabled or readonly fields (Daniel Hensby) - See ss-2016-010
- 2016-11-11 61e4055 Cast FormField values as Text to prevent readonly fields embeding rogue HTML (Daniel Hensby) - See ss-2016-010
- 2016-10-27 17097a4 Properly escape backURL for template injection (Daniel Hensby) - See ss-2016-016
- 2016-08-02 62a2421 value / title escaping in CheckboxSetField and OptionsetField (Damian Mooyman) - See ss-2016-015
- 2016-07-25 1c7d5de Autologin cookies are ignored if autologin is disabled (Daniel Hensby) - See ss-2016-014
- 2016-07-22 6817c57 Uncasted member name (Daniel Hensby) - See ss-2016-013
- 2016-07-15 298f615 Reset
Member::Salton password change (Daniel Hensby) - See ss-2016-008 - 2016-07-14 6606d98 ChangePasswordForm does not check $member->canLogin before login (Daniel Hensby) - See ss-2016-011
- 2016-07-14 ca526b0 Missing ACL check on ReportAdmin (Daniel Hensby) - See ss-2016-012
- 2016-07-14 5f73d34 Missing ACL check on ReportAdmin (Daniel Hensby) - See ss-2016-012
- 2016-07-14 04b4453 Missing ACL check on ReportAdmin (Daniel Hensby) - See ss-2016-012
Bugfixes
- 2016-11-03 edfe514 Ensure that builds use the 3.4 dependencies. (Sam Minnee)
- 2016-09-12 a14df0b Force line endings to LF on sake file (Daniel Hensby)
- 2016-09-06 e7ecf6c Bad strpos call in HTTP::register_etag() (Daniel Hensby)
- 2016-08-22 59be597 #1052 (Daniel Hensby)
- 2016-08-22 4998b80 ArrayList sorting now caseinsensitive (Daniel Hensby)
- 2016-08-15 95c640a Fix regression in FormField casting (Damian Mooyman)
- 2016-07-28 56f0b72 ETag header now properly quoted (Daniel Hensby)