Versions:

3.6.7

Change Log

Security

  • 2019-01-10 c44f06cdf Patch SQL Injection vulnerability when arrays are assigned to DataObject Fields (Aaron Carlino) - See ss-2018-021
  • 2018-09-26 598edd913 Add confirmation token to dev/build (Loz Calver) - See ss-2018-019

Bugfixes

  • 2019-01-23 746c0679a Injector may instantiate prototypes as if they're singletons (fixes #8567) (Loz Calver)
  • 2018-11-15 86701b8cd Redirect loop with multiple URL tokens (fixes #8607) (Loz Calver)
  • 2018-06-04 41e601a03 Regression from #8009 (Daniel Hensby)
  • 2018-05-29 1cbf27e0f PHP 5.3 compat for referencing $this in closure, and make method public for same reason (Robbie Averill)
  • 2018-04-17 af3a9f3ec Duplicating many_many relationships looses the extra fields (fixes #7973) (UndefinedOffset)
  • 2018-03-15 d17d93f7 Remove SearchForm results() function from allowed_actions (Steve Dixon)
  • 2018-02-16 86addea1d Split HTML manipulation to onadd, so elements are not accidentally duplicated (Christopher Joe)
  • 2018-02-13 c767e472d DataObject singleton creation (Jonathon Menz)

Was this article helpful?