Änderungen im Rahmen des TYPO3 6.2 ELTS

ChangeLog TYPO3 Version 6.2.32 bis 6.2.48

Im ChangeLog sind die Änderungen an den einzelnen Versionen dokumentiert:

2020-01-27 fa5642f8c Release version 6.2.48
2020-01-27 05498c422 [BUGFIX] Remove duplicate boolean operator in QueryGenerator
2020-01-27 b97512e41 [BUGFIX] Ensure ZipService->extract sets proper permissions

2019-12-17 26468f64d Release version 6.2.47
2019-12-17 591e43428 [SECURITY] Avoid insecure deserialization in QueryGenerator & QueryView
2019-12-17 43c45f567 [SECURITY] Avoid XSS by correctly encoding typolink results
2019-12-17 76c5ede26 [SECURITY] Prevent SQLi in ext:lowlevel QueryGenerator
2019-12-17 0aaae547b [TASK] Streamline frontend user password recovery process
2019-12-17 1bc945773 [SECURITY] Avoid directory traversal on archive extraction
2019-12-17 8aef56180 [SECURITY] XSS in file list through file extension
2019-12-16 7260b6155 [SECURITY] Avoid possible insecure deserialization in Extbase
2019-12-09 0fd654277 [BUGFIX] Prevent encoding of search form

2019-08-20 233c7c91b Release version 6.2.46
2019-07-30 325963f4a [BUGFIX] Set empty iframe src for Webkit and Chrome

2019-07-02 f1fb97d45 Release version 6.2.45
2019-06-26 0f8924f49 [BUGFIX] Don’t call getSessionBackend on SessionManager

2019-06-25 86d68cf0f Release version 6.2.44
2019-06-25 96c52b8fc [SECURITY] Disallow insecure deserialization for l18n_diffsource
2019-06-25 b695bb0bf [SECURITY] Check record permissions in record information popup
2019-06-25 f4853ad1d [SECURITY] Deny pages' TSconfig for non-admins
2019-06-25 d282e6b7d [BUGFIX] HTMLArea/Edge: Restore selection when using ElementBrowse
2019-06-25 e09236f71 [TASK] Use typo3/phar-stream-wrapper instead custom implementation

2019-05-08 6b9cca9758 Release version 6.2.43
2019-05-08 7268187fdb [SECURITY] Enclose file type scope when invoking ImageMagick
2019-05-07 0abe8f2c10 [TASK] Set TYPO3 version to 6.2.43-dev

2019-05-07 6204149f94 Release version 6.2.42
2019-05-07 b5d42844f2 Merge pull request #12 in ELTS/elts-working-repo from DEV-20-rce-in-imagemagick to TYPO3_6-2
2019-05-07 0bf6fbe95a [SECURITY] Destroy sessions on password change
2019-05-07 ed2bffbb5c [SECURITY] Destroy sessions on password change
2019-05-06 d78d3861c7 [SECURITY] Enclose file type scope when invoking ImageMagick
2019-05-03 3fd0d76d6a [TASK] Incorporate changes of jQuery version to 3.4.0
2019-05-02 e9c73db244 [TASK] Incorporate changes of jQuery version to 3.4.0
2019-03-26 d92092c79b Merge pull request #8 in ELTS/elts-working-repo from bugfix/ESD-78_escape_empty_parameters_causes_GM_to_fail to TYPO3_6-2
2019-03-25 7464bd648b [BUGFIX] Don't escape empty parameters in GraphicalFunctions
2019-03-19 8adb407f97 [TASK] Set TYPO3 version to 6.2.42-dev

2019-03-19 27f7768262 Release version 6.2.41
2019-03-19 9f8520250f [TASK] Add .ddev/ to .gitignore
2019-03-15 671f076b1b [SECURITY] Use parseFunc to render content objects in EXT:form
2019-03-15 e485c35f5e [BUGFIX] Do not use about:blank as src in other Webkit browsers than Chrome
2019-03-15 2d89cd6975 [SECURITY] XSS in case RTE is disabled
2019-03-15 f04bf4a0fc [BUGFIX] Use non-JavaScript based iframe src
2019-03-14 e31e850bb0 [BUGFIX] Use non-JavaScript based iframe src
2019-02-28 6f77d717f5 [TASK] tgt-1700 composer wants lowercase mikey179/vfsStream
2019-02-05 6921d48833 [BUGFIX] Harden GeneralUtility::imageMagickCommand() calls
2019-01-25 0e222469be [TASK] bamboo: db dependency loop needs break condition
2019-01-22 4b323ab921 Set version to 6.2.41-dev

2019-01-22 0303e90046 Release version 6.2.40
2019-01-22 f91fcee297 [SECURITY] Extend file deny pattern
2019-01-22 a73e9d4f03 [SECURITY] XSS issues in Fluid view helpers
2019-01-22 b9af35a256 [SECURITY] Avoid creation of backend users without password
2019-01-22 49c5e8d0a0 [BUGFIX] Harden CommandUtility invocations
2019-01-22 f18f280cbe [TASK] Adjust copyright year
2018-12-12 0b67bd21d6 Set version to 6.2.40-dev

2018-12-11 717b357291 Release version 6.2.39
2018-12-11 08d17184db Merge pull request #7 in ELTS/elts-working-repo from december_11 to TYPO3_6-2
2018-12-11 93dd8232c8 [SECURITY] Add feature toggle to disable record registration
2018-12-11 200cf3bef3 [SECURITY] Remove TYPO3 version from installer
2018-12-11 b160b4d0af [SECURITY] Make InstallTool session cookie HTTP-only
2018-12-11 c0907b99c8 [SECURITY] Prevent XSS with fe_users data in felogin/TSFE
2018-12-11 d3c2d04585 [SECURITY] Properly escape videoId for Media Urls
2018-12-11 87a1e678ee [!!!][TASK] Remove websvg functionality
2018-07-17 3eb2916975 Merge pull request #6 in ELTS/elts-working-repo from bamboo-works to TYPO3_6-2
2018-07-17 8124f3376b [TASK] Update memcache and redis test to use env vars
2018-07-17 0ebfd8e622 [TASK] Run tests on new bamboo infrastructure
2018-07-12 f91cbaa426 Set version to 6.2.39-dev

2018-07-12 60f5b39 Release version 6.2.38
2018-07-12 192da5c [SECURITY] Explicitly deny object deserialization
2018-07-12 7d07bc9 [SECURITY] Deny authentication bypass using blowfish/md5 encryption
2018-07-12 6d88efe [SECURITY] Introduce PHP stream wrapper for phar:// protocol
2018-07-09 252ecaf [SECURITY][BUGFIX] Mitigate phar stream wrapper
2018-05-22 c47a4f9 [TASK] Set version 6.2.38-dev

2018-05-22 9806c3e [RELEASE] Release of version 6.2.37
2018-05-22 4759710 [BUGFIX] Add SYS/ipAnonymization to DefaultConfiguration
2018-05-15 73caf91 [TASK] Anonymize token in Exception handlers
2018-05-14 f4e4c58 [FEATURE] Add scheduler task to anonymize IP addresses of tables
2018-05-14 8a9d609 [TASK] Remove usage of class constant
2018-05-14 a1ac3cd [FEATURE] Make indexed_search ready for GDPR
2018-05-14 15d485c [FEATURE] Add API to anonymize IP addresses
2018-05-14 7a1c6b1 [FEATURE] Add API to anonymize IP addresses
2018-03-13 aec7b18 [TASK] Set version 6.2.37-dev

2018-03-13 a18b31f [RELEASE] Release of TYPO3 ELTS 6.2.36
2018-02-12 31dd746 Merge pull request #5 in ELTS/elts-working-repo from bugfix/TGT-1040-form to TYPO3_6-2
2018-02-12 8b492a7 [SECURITY] Properly verifiy any sanitize user submitted mail form data
2018-02-12 e497816 Merge pull request #3 in ELTS/elts-working-repo from block_access_to_typoscript to TYPO3
2018-02-09 c50204e take over the changes the same way they were merged into 7.6 (https://review.typo3.org/c
2018-02-06 182f993 Merge pull request #2 in ELTS/elts-working-repo from task/composer_licence to TYPO3_6-2
2018-02-06 345112c [TASK] Update composer.json license definition
2018-02-05 7d6d714 Merge pull request #4 in ELTS/elts-working-repo from task/fix_redit_tests to TYPO3_6-2
2018-02-05 f39cf88 [BUGFIX] Fix broken redis tests
2018-02-01 ec73b28 [TASK] Block access to ext_typoscript_setup|constants.typoscript files

2017-09-06 5f64975 [RELEASE] Release of TYPO3 ELTS 6.2.35
2017-09-06 8736820 [SECURITY][BUGFIX] Remove version from default User-Agent

2017-09-05 322f070 [RELEASE] Release of TYPO3 ELTS 6.2.34
2017-09-04 1ee27f9 [SECURITY][BUGFIX] Remove version from default User-Agent
2017-09-04 97b23fc [SECURITY][BUGFIX] Disallow pht as file extension

2017-08-30 c9fc4b8 [RELEASE] Release of TYPO3 ELTS 6.2.33
2017-08-30 73c0ddb [BUGFIX] Fix typo in rtehtmlarea TYPO3Link

2017-08-29 3719867 [RELEASE] Release of TYPO3 ELTS 6.2.32
2017-08-24 eaa56c9 [SECURITY] Prevent insecure TypoScript processing in EXT:form
2017-08-16 2c00d44 [BUGFIX] Use EXEC_TIME for sys_log entry instead of time()
2017-08-16 bf2c28b [BUGFIX] HtmlArea: Use getAttribute() directly
2017-08-16 b13606a [BUGFIX] Reload page tree after deleting pages
2017-08-16 1c4667b [TASK] Correct view webpage link anchor in list module
2017-08-16 65cc8a1 [BUGFIX] Add support for target attribute to form viewhelper


Aktualisiert: 22.07.2021