Version 3 end of life
This version of Silverstripe CMS will not recieve any additional bug fixes or documentation updates. Go to documentation for the most recent stable version.

3.1.17

Change Log

Security

  • 2016-02-17 37059eb Hostname, IP and Protocol Spoofing through HTTP Headers (Ingo Schommer) - See ss-2016-003
  • 2016-02-17 5d2fc0d Block unauthenticated access to dev/build/defaults (Damian Mooyman) - See ss-2015-028
  • 2016-02-17 013524a Ensure Gridfield actions respect CSRF (Damian Mooyman) - See ss-2016-002

Bugfixes

  • 2016-02-16 644c807 Use correct formaction for doRollback exemption #1378 (Andrew Aitken-Fincham)
  • 2016-01-05 00544ff session_regenerate_id uses config system (Daniel Hensby)
  • 2016-01-05 4335d8e Members with no ID inherit logged in user permission (Daniel Hensby)
  • 2015-11-18 e9b833f ConfirmedPassword field correctly reports mismatching passwords (Christopher Darling)
  • 2015-11-05 f577ecb prevent use cache on browser back button (Igor Nadj)