Versions:

3.4.1

Change Log

Security

  • 2016-08-02 b0ba201 Fix value / title escaping in CheckboxSetField and OptionsetField (Damian Mooyman) - See ss-2016-015
  • 2016-07-25 d1163d8 Autologin cookies are ignored if autologin is disabled (Daniel Hensby) - See ss-2016-014
  • 2016-07-22 8bbf1ca Uncasted member name (Daniel Hensby) - See ss-2016-013
  • 2016-07-15 08384bb Reset Member::Salt on password change (Daniel Hensby) - See ss-2016-008
  • 2016-07-14 782c18f ChangePasswordForm does not check $member->canLogin before login (Daniel Hensby) - See ss-2016-011
  • 2016-07-14 c1525c8 Missing ACL check on ReportAdmin (Daniel Hensby) - See ss-2016-012
  • 2016-05-03 41be95c Encode user supplied URL for embeding into page (Daniel Hensby) - See ss-2016-007

Bugfixes

  • 2016-08-15 ac26816 Fix regression in url concatenation #4967 (Damian Mooyman)
  • 2016-08-15 ef85618 Fix regression in FormField casting (Damian Mooyman)
  • 2016-08-02 af3412a fix to grid field loading wrong current page id when using multiple tabs (John Milmine)
  • 2016-08-02 cd80d50 Fix unset config options returning isset() = true (Damian Mooyman)
  • 2016-08-01 7d0b8e6 Fix permission checking code not correctly handling escaped SQL identifiers (Damian Mooyman)
  • 2016-07-28 6c37532 Gridfield delete action back link (#5848) (Jono Menz)
  • 2016-07-28 c965133 Direct edit file by URL (Jonathon Menz)
  • 2016-07-25 3306deb Fix link concatenation in SilverStripeNavigator (#1560) (Damian Mooyman)
  • 2016-07-25 9c7c7f6 Fix regression in missing require_js from #4259 (Damian Mooyman)
  • 2016-07-22 82e5431 do not show HiddenClass pages in allowed children (#1555) (Robbie Averill)
  • 2016-07-20 319d6d2 Fix doclink (#5827) (Damian Mooyman)
  • 2016-07-19 10e06dc Fixes #1054 By preventing errors in the CMS only. (Russell Michell)
  • 2016-07-15 b3fea37 Fixes support for "inline" form actions (fixes #2534) (Loz Calver)
  • 2016-07-12 24efc7e Fix sorting ArrayList with sql-like syntax (Damian Mooyman)
  • 2016-07-12 8123c43 Fix getAbsoluteLiveLink() concatenation (Damian Mooyman)
  • 2016-07-12 87477a1 Fix incorrect url manipulation (Damian Mooyman)
  • 2016-07-07 4aa1fc2 Changed form fields that call renderWith in Field() to call parent::Field() instead (#5783) (Ed Chipman)
  • 2016-07-07 27cea80 SS_ConfigStaticManifest_Parser failed to handle ::class syntax (fixes #5701) (#5781) (Loz Calver)
  • 2016-07-04 0b7dab3 Fix missing icons (Damian Mooyman)
  • 2016-07-01 39238d9 falsey attribute values in shortcodes now work (Daniel Hensby)
  • 2016-06-30 2cdfe6c Use RAW for DBField template helpers (Daniel Hensby)
  • 2016-06-30 b0f237b Use RAW instead of Value for parsing shortcodes (Daniel Hensby)
  • 2016-06-13 f0d4951 for #5683: Address security warning in CMS when attempting to access <iframe> contents (Back-porting fix from PR #5163) (Patrick Nelson)
  • 2016-06-08 bf00810 Fix buttonClicked() error (Damian Mooyman)
  • 2016-06-06 946495b Regression with <% with / %> (fixes #5656) (Loz Calver)
  • 2016-05-31 eba89b9 OldPageRedirector no longer loops infinitely if 404 thrown on existing page (Daniel Hensby)
  • 2016-05-31 341f49c Fixed lookup of next closest visible field for focus restoring (fixes #5618) (UndefinedOffset)
  • 2016-05-27 f1a0aef fix CMS_ACCESS permission being ignored if in incorrect order in array (Damian Mooyman)
  • 2016-05-21 decd7e5 Fix getFinalisedQuery not including all queried columns (Damian Mooyman)
  • 2016-05-20 8382685 #5557 Tests with no DB requirements wont create test DB (Daniel Hensby)
  • 2016-04-19 43dcde5 Hierarchy was incorrectly unexpanding nodes that had been previously expanded (madmatt)
  • 2016-01-22 4bd66b9 for #4909: Ensure RSSFeed_Entry is instantiated using the injector. (Patrick Nelson)
  • 2015-04-21 a7100e9 Object::parse_class_spec failed to parse associative arrays (Loz Calver)

Was this article helpful?