[TYPO3-dev] Announcing TYPO3 4.1.4 and 4.0.8
Basti Baumann
donillo at gmail.com
Tue Dec 11 12:21:32 CET 2007
Ingmar Schlecht schrieb:
> Dear TYPO3 users,
>
> TYPO3 versions 4.1.4 and 4.0.8 are ready for download. They are
> maintenance releases of versions 4.1 and 4.0 and therefore contain only
> bugfixes. No database update is necessary to perform the upgrade.
>
> Notable changes in 4.0.8:
> * The above mentioned security fix to indexed_search
> * A bugfix to image generation
>
> Notable changes in 4.1.4:
> * Fixed a low-severity SQL injection in the modfunc2 of
> indexed_search
> o The issue was only exploitable by BE users
> o The severity of the issue was limited because addslashes()
> was already applied to the value - yet not within a quoted
> string
> o For details see the bulletin [1]
> * Translated language files were not always loaded
> * A couple of issues with HTMLArea have been fixed
> * Fixes of "Limit to Language" functionality
> * Fixes regarding Inline Relational Record Editing (IRRE):
> o Htmlarea is not show in child records if parent has no RTE
> o Combination mode doesn't save new child records correctly
> o Palettes are not always rendered correctly
> * Flexforms didn't resolve sheets correctly causing "Cannot use
> string offset as an array" error message
>
> For details about the releases, see:
> http://wiki.typo3.org/index.php/TYPO3_4.1.4
> http://wiki.typo3.org/index.php/TYPO3_4.0.8
>
> Download:
> http://typo3.org/download/packages/
>
> [1] Indexed Search SQL Injection - Security Bulletin
> http://typo3.org/teams/security/security-bulletins/typo3-20071210-1/
>
Hi,
und endlich ist der Language Bug behoben ;)
Sehr fein!!
Grüße
Basti
More information about the TYPO3-dev
mailing list