Activity
From 2014-05-07 to 2014-06-05
2014-06-05
- 23:07 Revision c578d476: [BUGFIX] Unified maxitems default value for group fields
- The maxitems value for a group field defaults to 1 instead of 100000 so
that it is consistent with the TCA reference ... - 22:57 Revision 3b5196b6: [BUGFIX] Admin panel extGetFeAdminValue() overrides are wrong
- The current check does not properly consider the override values.
If a override is set, then its value has to be take... - 22:45 Revision 795fa7f5: [BUGFIX] Disabled backend users shown for workspace stage change
- On changing the stage of a workspace version, an accordant
dialog is shown with recipients to be informed about this
... - 22:28 Revision 1c766e75: [BUGFIX] Show images in preview of page module
- For custom content elements with image these are shown
as thumbs in the list module but not in the page module.
This... - 20:39 Revision 06af78d5: [CLEANUP] Add missing PHP comments in class LogoView
- Change-Id: I13d428c7b8a3964e8c376ad2c8d2a4af8c0059f1
Releases: 6.2
Resolves: #59374
Reviewed-on: https://review.typo3... - 20:09 Revision 2105c6f4: [BUGFIX] Improve the formatting of help of the CommandController
- This aligns the description of the command line options.
Resolves: #59372
Releases: 6.2
Change-Id: I474f8415d3ed62d5... - 19:49 Revision b2114781: [BUGFIX] Illegal string offset 'uid' in TypoScriptFrontendController
- Logoff sets user property to an empty string instead of NULL. This
leads to a PHP Warning in PHP 5.4
Change-Id: Ib0e... - 19:46 Revision 928b165e: [BUGFIX] Illegal string offset 'uid' in TypoScriptFrontendController
- Logoff sets user property to an empty string instead of NULL. This
leads to a PHP Warning in PHP 5.4
Change-Id: Ib0e... - 13:44 Revision 66bf424e: [BUGFIX] Warning in SearchController
- $this->sWArr is not defined SearchController.
Fix this to use the correct $this->searchWords variable.
Change-Id: Ib... - 13:44 Revision 49b7ac46: [BUGFIX] Warning in SearchController
- $this->sWArr is not defined SearchController.
Fix this to use the correct $this->searchWords variable.
Change-Id: Ib... - 10:29 Revision 79bbd9a3: [BUGFIX] Show content elements from hidden pages in preview
- Content elements from hidden pages are no longer shown in previews.
Fix this by checking with a strong comparison in... - 08:42 Revision f731fc36: [BUGFIX] New content elements are always stored on pid 0
- Due to patch https://review.typo3.org/#/c/30305/ the string comparison
on colPos fails and new content elements are a... - 08:41 Revision 05bbf375: [BUGFIX] New content elements are always stored on pid 0
- Due to patch https://review.typo3.org/#/c/30305/ the string comparison
on colPos fails and new content elements are a...
2014-06-04
- 19:45 Revision e00d0bfe: [BUGFIX] Fix frontend unit tests if executed standalone
- * Unit tests are allowed for CLI anyway
* Remove allow all in data provider
The latter implicitly caused a global al... - 19:43 Revision 2c8a4285: [BUGFIX] Fix frontend unit tests if executed standalone
- * Unit tests are allowed for CLI anyway
* Remove allow all in data provider
The latter implicitly caused a global al... - 18:16 Revision 15c26140: [BUGFIX] Fix frontend unit tests if executed standalone
- * Allow HTTP_HOST access for all unit tests
* Remove allow all in data provider
The latter implicitly caused a globa... - 17:58 Revision 13104c3e: [BUGFIX] Show storage and folder of file/folder
- To make it possible for an editor to find the real
location of a used file, the storage and folder are
added to the E... - 17:22 Revision c5b01462: [BUGFIX] New content elements are always stored on pid 0
- Due to patch https://review.typo3.org/#/c/30305/ the string comparison
on colPos fails and new content elements are a...
2014-06-03
- 23:53 Revision cd81ccb5: [BUGFIX] DataHandler::log() must not return NULL
- Ensure the DataHandler::log() function does return integers
in all cases as denoted in the doc header.
Resolves: #59... - 23:52 Revision 67dbe5b9: [BUGFIX] Show file instead of file_reference info
- The irre elements of FAL items have an info icon which shows
some details info about the file_reference. But this is ... - 23:50 Revision c14e786d: [BUGFIX] List module pagination broken
- A wrong formula is used to calculate the pointer
for the pages.
This patch also introduces a central function for
cal... - 23:41 Revision 1355d8b6: [BUGFIX] Old TYPO3 logo still in use in ext:workspaces
- Replace old logo with the new logo.
Resolves: #59321
Releases: 6.2
Change-Id: I1b4386e0ee614096b4033f00d9fe9136d11a6... - 23:39 Revision 59f7440b: [BUGFIX] DataHandler::log() must not return NULL
- Ensure the DataHandler::log() function does return integers
in all cases as denoted in the doc header.
Resolves: #59... - 23:14 Revision 8454a698: [TASK] Check and use current file hash and size on export
- On creating exports the file hash and size is used from the
sys_file table. Since this could be not up-to-date in rea... - 23:00 Revision 44b18664: [BUGFIX] Use created folder object for adding images in impexp
- A folder to be created could change the name by sanitizing. So
the name of the created folder could differ from the r... - 22:06 Revision a40a196c: [BUGFIX] ElementBrowser: correct link attributes
- This is a regression fix for #55983, which introduced
additional urlencoding for title, class, ...
Remove the encodi... - 18:17 Revision 4fbb2504: [BUGFIX] Fix double ? in eID url for encryption key
- The AJAX url for retrieving a new encryption key contains
two question marks. This causes the request to fail.
Fix t... - 18:17 Revision d9d2dd17: [BUGFIX] Fix double ? in eID url for encryption key
- The AJAX url for retrieving a new encryption key contains
two question marks. This causes the request to fail.
Fix t... - 18:13 Revision 9576c32c: [BUGFIX] Fix wrong JS function name in RTE
- RTE feature "userlinks" generates a wrong JS function
name due to the automatic replacement during the
namespace conv... - 18:13 Revision a708170a: [BUGFIX] Fix wrong JS function name in RTE
- RTE feature "userlinks" generates a wrong JS function
name due to the automatic replacement during the
namespace conv... - 18:08 Revision d7919b04: [BUGFIX] Fix double ? in eID url for encryption key
- The AJAX url for retrieving a new encryption key contains
two question marks. This causes the request to fail.
Fix t... - 17:11 Revision 50b8effd: [BUGFIX] Fix wrong JS function name in RTE
- RTE feature "userlinks" generates a wrong JS function
name due to the automatic replacement during the
namespace conv... - 16:45 Revision f432417e: [BUGFIX] Canonicalize path before checking existence
- ResourceFactory fails to detect files in symlinked
scenarios, because the path is not canonicalized before
file exist... - 16:20 Revision 8fe6901a: [BUGFIX] Request update broken for select fields
- For select-type fields displayed as two side-by-side selectors
which are registered as "requestUpdate" fields, the fo...
2014-06-02
- 18:23 Revision 1e6c9544: [BUGFIX] TCA maxitems for FAL permissions wrong
- The setting for maxitems in the TCA of be_users and be_groups for
FAL permissions are wrong.
Fix the value to match t... - 12:41 Revision 9af2142b: [BUGFIX] Make object access work with ObjectStorage
- ObjectAccess->getPropertyPath() does not work with
ObjectStorage and numerical indexes, but it should be
because with...
2014-06-01
- 21:04 Revision 1d23e5e0: [BUGFIX] Keep session cookie if session data is present
- The AbstractUserAuthentication::checkAuthentication() method calls
the logoff() method on every failed login attempt....
2014-05-30
- 17:20 Revision d357653b: [BUGFIX] Always add wrapping div if dividers2tabs is disabled
- TCEforms is not wrapped in a div when dividers2tabs is disabled
and a inline-element form element is present. As a re...
2014-05-29
- 16:43 Revision 40b0ac51: [BUGFIX] Do not use self:: within closures
- This is not possible in PHP 5.3.
Resolves: #59203
Releases: 6.2
Change-Id: I108578f7635c50493a3b5d7a7fc81c021805abf8... - 16:38 Revision 34f254ba: [BUGFIX] Flexform element title is cropped to hardcoded length
- The title of a flexform element is cropped to maximum length of 30
characters. Instead it should obey the maximum tit... - 16:34 Revision e5eb4b46: [BUGFIX] Flexform element title is cropped to hardcoded length
- The title of a flexform element is cropped to maximum length of 30
characters. Instead it should obey the maximum tit... - 16:19 Revision 6deca0f7: [BUGFIX] Admin panel text selection
- Fixes: #58485
Releases: 6.2
Change-Id: I9c3243b2cca9edb89d262a4d3f9cde17b906d440
Reviewed-on: https://review.typo3.or... - 16:12 Revision 9ffc7865: [TASK] Use self:: where possible in GeneralUtility
- It's common sense to use self:: where possible because it's quicker and
makes code better understandable.
This chang... - 15:48 Revision 91640252: [BUGFIX] Fix redirect to install tool in new installations
- When setting up a new TYPO3 installation, TYPO3 should redirect
to the install tool, when accessing the frontend or b... - 15:39 Revision 3a1fd2b9: [BUGFIX] Fix redirect to install tool in new installations
- When setting up a new TYPO3 installation, TYPO3 should redirect
to the install tool, when accessing the frontend or b... - 13:26 Revision f377c8f2: [BUGFIX] EM: Handle missing dependencies in emconf
- ext_emconf.php may lack the dependencies array. This will cause
a PHP warning in a foreach loop.
Fix this by checkin... - 12:06 Revision 5e6359df: [BUGFIX] Indexed search static call to non-static function
- Resolves: #58756
Releases: 6.2
Change-Id: Ide09c7792e9b24afe480230893cac18570ce4f19
Reviewed-on: https://review.typo3...
2014-05-28
- 19:13 Revision 8bdcbc19: [BUGFIX] Correct minor typo in "About TYPO3 CMS"
- This patch corrects a minor typo in module: Web -> About TYPO3 CMS.
It currently reads "TYPO3 CMS is a enterprise-cla... - 14:12 Revision 3e6e8ec8: [BUGFIX] Parent language is not applied to new child records
- If localizing a parent-child structure, usually the language
of the parent element shall be applied to related child ... - 14:11 Revision cf9ca274: [BUGFIX] Parent language is not applied to new child records
- If localizing a parent-child structure, usually the language
of the parent element shall be applied to related child ... - 09:24 Revision 552e8b28: [BUGFIX] Added missing TCEforms palette-header padding
- With the cleanup of the backend styles a padding of the
pallete header got missing.
This patch adds this padding jus...
2014-05-26
- 17:45 Revision e0be1254: [BUGFIX] New content elements are always stored on pid 0
- Due to patch https://review.typo3.org/#/c/30305/ the string comparison
on colPos fails and new content elements are a... - 11:58 Revision ee896746: [BUGFIX] New content elements are always stored on pid 0
- Due to patch https://review.typo3.org/#/c/30305/ the string comparison
on colPos fails and new content elements are a...
2014-05-23
- 15:42 Revision 9a47bd20: [BUGFIX] Inserting custom element in RTE throws exception
- Problem: Token validation fails.
Solution: Use BackendUtility::getModuleUrl to ensure validity of token.
Resolves: #... - 10:28 Revision 03afcdbf: [BUGFIX] Alternative implementations for view helpers do not work
- Extbase allows to register alternative implementations for
objects. However that does not work for view helpers using... - 10:20 Revision 003c6628: [BUGFIX] Alternative implementations for view helpers do not work
- Extbase allows to register alternative implementations for
objects. However that does not work for view helpers using... - 10:12 Revision 03bf947c: [BUGFIX] Alternative implementations for view helpers do not work
- Extbase allows to register alternative implementations for
objects. However that does not work for view helpers using... - 05:19 Revision 68751f60: [TASK] Raise maximum settable numbers in export
- The maximums for today's exports are limited to strict.
It's 10MB for a settable file size included in exports;
raise... - 00:22 Revision 418e3130: [BUGFIX] Wrong HTML in locallang_csh_pages.xlf
- lang/4.5/locallang_csh_pages.xlf contains invalid
HTML structure a <p> tag should actually be a <b> tag.
Resolves: #... - 00:18 Revision ef2ec950: [CLEANUP] Code cleanup for LanguageService
- * Avoid unnecessary fully qualified class names
* Add return NULL for consistency if a method only returns a value
... - 00:13 Revision 28fa5811: [BUGFIX] Fix saving non public export presets
- Fix sql error "Column 'public' cannot be null" on saving
with unchecked box public.
Resolves: #57405
Releases: 6.2
C... - 00:12 Revision 38b178bc: [BUGFIX] Set default permissions for new files to 0664
- Change-Id: I4c71414dca763d9ba29ab93b18a0389941f51af7
Resolves: #58809
Releases: 6.2
Reviewed-on: https://review.typo3... - 00:06 Revision 6118ac5f: [BUGFIX] Fix url for youtube embeds
- Additionally solve the problem when http:// is missing
due to usage of the link wizard.
Change-Id: I676d14b4ddf81d5d... - 00:04 Revision 81e31f18: [BUGFIX] SoftReferenceIndex support for more values in class attribute
- The SoftReferenceIndex parses and rebuilds typolink tags, but the
support for more than one value in class attribute ...
2014-05-22
- 16:12 Revision 94f1e325: [BUGFIX] Wrong HTML in locallang_csh_pages.xlf
- lang/4.5/locallang_csh_pages.xlf contains invalid
HTML structure a <p> tag should actually be a <b> tag.
Resolves: #... - 16:12 Revision 0c692c99: [BUGFIX] Wrong HTML in locallang_csh_pages.xlf
- lang/4.5/locallang_csh_pages.xlf contains invalid
HTML structure a <p> tag should actually be a <b> tag.
Resolves: #... - 15:03 Revision f954a795: [BUGFIX] TCA tree fail to load with IRRE
- The TCA tree element fail to load inside IRRE, in some condition
(when the record is not loaded/opened)
Change-Id: I... - 15:02 Revision b908b7da: [BUGFIX] Fix description of userHomePath and groupHomePath
- Since making userHomePath and groupHomePath FAL compatible
the descriptions in DefaultConfiguration don't fit anymore... - 14:10 Revision bb15d44c: [BUGFIX] Fix relative path resolution in include static
- Fix the usage of relative paths in INCLUDE_TYPOSCRIPT inclusions of
static templates from extensions.
EXT:myext/Conf... - 14:09 Revision c87150d0: [BUGFIX] PathUtility::get...FileOrPath() does not work with basepath
- PathUtility::getAbsolutePathOfRelativeReferencedFileOrPath()
Add a check to the function to identify a given basepath... - 14:07 Revision f0ac518f: [BUGFIX] Properly check existence of array item
- The flexform converter in ContentObjectRenderer tries to access
an array element on a non-array.
Check existence wit... - 14:07 Revision 203c1eb9: [BUGFIX] Inaccessible pages on shortcuts/PageNotFound handler
- The var pageNotFound is set, if the called page has access
restrictions. Afterwards starts a searching for an accessi... - 13:48 Revision d6e63ca5: [BUGFIX] Fix failing unit tests for HTTP host check in CLI mode
- The unit tests for the recent HTTP host fix are failing
if executed in CLI mode.
In CLI mode no server environments a... - 13:48 Revision 420b5c8d: [BUGFIX] Fix failing unit tests for HTTP host check in CLI mode
- The unit tests for the recent HTTP host fix are failing
if executed in CLI mode.
In CLI mode no server environments a... - 13:43 Revision c10bcb8d: [BUGFIX] Fix failing unit tests for HTTP host check in CLI mode
- The unit tests for the recent HTTP host fix are failing
if executed in CLI mode.
In CLI mode no server environments a... - 10:18 Revision ff4db83b: [TASK] Set TYPO3 version to 6.2.4-dev
- Change-Id: Ic42722b40b91e61dfd839241b91b9ff31a322259
Reviewed-on: https://review.typo3.org/30317
Reviewed-by: TYPO3 R... - 10:17 Revision 30b091ae: [RELEASE] Release of TYPO3 6.2.3
- Change-Id: Ib7b6505d59bdec51f537afec80678c11c0ad0b89
Reviewed-on: https://review.typo3.org/30316
Reviewed-by: TYPO3 R... - 10:04 Revision 2b0b9ad6: [TASK] Set TYPO3 version to 6.1.10-dev
- Change-Id: I4f3b6dc5fe3e7e64365b632d6bd2656cd45d1378
Reviewed-on: https://review.typo3.org/30315
Reviewed-by: TYPO3 R... - 10:04 Revision 211c2332: [RELEASE] Release of TYPO3 6.1.9
- Change-Id: I68884dbd5ac459c84ad18a14e7c7df30701ad72c
Reviewed-on: https://review.typo3.org/30314
Reviewed-by: TYPO3 R... - 09:56 Revision fa09ccd3: [TASK] Set TYPO3 version to 6.0.15-dev
- Change-Id: Ib72fe2ce5ab6ffc02623db7cb807980496eec301
Reviewed-on: https://review.typo3.org/30313
Reviewed-by: TYPO3 R... - 09:55 Revision 146b4c9f: [RELEASE] Release of TYPO3 6.0.14
- Change-Id: I08089195ded2aa1b150139c7a9d944e38af92887
Reviewed-on: https://review.typo3.org/30312
Reviewed-by: TYPO3 R... - 09:48 Revision 854cca55: [TASK] Set TYPO3 version to 4.7.20-dev
- Change-Id: I74224483b538dad32994bdc1ae10eb014f3efafd
Reviewed-on: https://review.typo3.org/30311
Reviewed-by: TYPO3 R... - 09:48 Revision a1382a88: [RELEASE] Release of TYPO3 4.7.19
- Change-Id: I81bf2c94f0c4a8157788d3b3f0acf64eae2ce6c6
Reviewed-on: https://review.typo3.org/30310
Reviewed-by: TYPO3 R... - 09:39 Revision dd2d0ad3: [TASK] Set TYPO3 version to 4.5.35-dev
- Change-Id: Iffabf254620824d1d0b7a42e239576bd3aa73791
Reviewed-on: https://review.typo3.org/30309
Reviewed-by: TYPO3 R... - 09:38 Revision 67deb70e: [RELEASE] Release of TYPO3 4.5.34
- Change-Id: I296aa228d3d9ffda43cf99a41d3ac36d8b93f439
Reviewed-on: https://review.typo3.org/30308
Reviewed-by: TYPO3 R... - 09:34 Revision ab7a9f85: [SECURITY] Add trusted HTTP_HOST configuration
- TYPO3 uses the values of HTTP_HOST in several
places without validating them. This could
lead to a situation where li... - 09:34 Revision 3858e461: [SECURITY] XSS in (old) extension manager information function
- Needs to be fixed also in 6.x, but the affected function is not
used anymore.
Change-Id: If10b0cf25015eada0657aaebc1... - 09:34 Revision 6c6ae4b6: [SECURITY] XSS in new content element wizard
- Sanitize user-input colPos in new content element wizard.
Change-Id: Ifa90ea1ede3b6c2a5436c505993c533803306d01
Fixes... - 09:33 Revision 1e2843b4: [SECURITY] XSS in template tools on root page
- Change-Id: I2b5214e666d1c9edc5354dd3983401038e9aaf66
Fixes: #54109
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... - 09:33 Revision 938f7f84: [SECURITY] XSS in Backend Layout Wizard
- Change-Id: I096d26b3eee20493b146633bda11529890be59dc
Fixes: #57576
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... - 09:33 Revision 5ecbf238: [SECURITY] Encode URL for use in JavaScript
- The url for the Open in New Window button must be quoted for
use in JavaScript to prevent XSS issues.
Change-Id: I3e... - 09:33 Revision d591b1d4: [SECURITY] Session timeout can be circumvented once
- Fix the AbstractUserAuthentication class to properly invalidate
the current session if it timed out.
Change-Id: Id50... - 09:33 Revision d554ac53: [SECURITY] Remove charts.swf to get rid of XSS vulnerability
- The file charts.swf is vulnerable to XSS, is delivered
by ExtJS but not used in TYPO3 CMS at all.
Since the vendor o... - 09:33 Revision 6fafbf7d: [SECURITY] Add trusted HTTP_HOST configuration
- TYPO3 uses the values of HTTP_HOST in several
places without validating them. This could
lead to a situation where li... - 09:33 Revision 2994a1c5: [SECURITY] XSS in (old) extension manager information function
- Needs to be fixed also in 6.x, but the affected function is not
used anymore.
Change-Id: I434689d4065496330a92e7086e... - 09:33 Revision 12741ad6: [SECURITY] XSS in new content element wizard
- Sanitize user-input colPos in new content element wizard.
Change-Id: I68ee05a9113b2a0266c0be612b1a10272cb986a2
Fixes... - 09:33 Revision 7595ad45: [SECURITY] XSS in template tools on root page
- Change-Id: I2958dcc7cecf8ef980d90dae66c6bd2df432ce4b
Fixes: #54109
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... - 09:33 Revision 69658064: [SECURITY] XSS in Backend Layout Wizard
- Change-Id: Ie3f08333e417d8d208b3b36b208056efd4dbcec0
Fixes: #57576
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... - 09:33 Revision 54e46912: [SECURITY] Encode URL for use in JavaScript
- The url for the Open in New Window button must be quoted for
use in JavaScript to prevent XSS issues.
Change-Id: I84... - 09:33 Revision b6826ff0: [SECURITY] Fix insecure unserialize in colorpicker
- Change-Id: Id3a692cdccb2d3a9ae46ae635ee5c316fa36e371
Fixes: #56458
Releases: 6.1, 6.0, 4.7, 4.5
Security-Commit: 3981... - 09:32 Revision 32efb1b0: [SECURITY] Remove charts.swf to get rid of XSS vulnerability
- The file charts.swf is vulnerable to XSS, is delivered
by ExtJS but not used in TYPO3 CMS at all.
Since the vendor o... - 09:32 Revision 37273fb0: [SECURITY] Add trusted HTTP_HOST configuration
- TYPO3 uses the values of HTTP_HOST in several
places without validating them. This could
lead to a situation where li... - 09:32 Revision edd27ad6: [SECURITY] XSS in (old) extension manager information function
- Needs to be fixed also in 6.x, but the affected function is not
used anymore.
Change-Id: Ida71054ffeaf963aed1da4674e... - 09:32 Revision 00f00b15: [SECURITY] XSS in new content element wizard
- Sanitize user-input colPos in new content element wizard.
Change-Id: Ic43566fc93fadf6a1d997ff73bf027468001fb38
Fixes... - 09:32 Revision 6b7f3a88: [SECURITY] XSS in template tools on root page
- Change-Id: I3fb1c66314c6ef05d7f243a79c6af12466376078
Fixes: #54109
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... - 09:32 Revision 5935348a: [SECURITY] XSS in Backend Layout Wizard
- Change-Id: I95af00f6eedd9635e31c375922dc8fc90d930c0e
Fixes: #57576
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... - 09:32 Revision dda17393: [SECURITY] Encode URL for use in JavaScript
- The url for the Open in New Window button must be quoted for
use in JavaScript to prevent XSS issues.
Change-Id: Id4... - 09:32 Revision 5e00a13d: [SECURITY] Fix insecure unserialize in colorpicker
- Change-Id: Id31f4a16308484fd3d9c799f1dbf4473464508ca
Fixes: #56458
Releases: 6.1, 6.0, 4.7, 4.5
Security-Commit: ac30... - 09:32 Revision 0f29e1f1: [SECURITY] Remove charts.swf to get rid of XSS vulnerability
- The file charts.swf is vulnerable to XSS, is delivered
by ExtJS but not used in TYPO3 CMS at all.
Since the vendor o... - 09:32 Revision 07eba3e2: [SECURITY] Add trusted HTTP_HOST configuration
- TYPO3 uses the values of HTTP_HOST in several
places without validating them. This could
lead to a situation where li... - 09:32 Revision ec33bebb: [SECURITY] XSS in (old) extension manager information function
- Needs to be fixed also in 6.x, but the affected function is not
used anymore.
Change-Id: Ib8d753d707d2ff2b7f8e634311... - 09:32 Revision fb096e30: [SECURITY] XSS in new content element wizard
- Sanitize user-input colPos in new content element wizard.
Change-Id: Ieb45500aa10b65c82fd8fff59204eb1503c90a22
Fixes... - 09:32 Revision 1389da5c: [SECURITY] XSS in template tools on root page
- Change-Id: If78f319f61a3d064a4f25f30c7e8971ba761fde4
Fixes: #54109
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... - 09:31 Revision 65fc32f8: [SECURITY] XSS in Backend Layout Wizard
- Change-Id: Iff1e645df4fe3e85e064730acddaf4d29a5e5bce
Fixes: #57576
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... - 09:31 Revision 7bec5c86: [SECURITY] Encode URL for use in JavaScript
- The url for the Open in New Window button must be quoted for
use in JavaScript to prevent XSS issues.
Change-Id: I5b... - 09:31 Revision b907b64b: [SECURITY] Fix insecure unserialize in colorpicker
- Change-Id: I78b29a745c23c1b1d5359226a24150aad0dff764
Fixes: #56458
Releases: 6.1, 6.0, 4.7, 4.5
Security-Commit: 0682... - 09:31 Revision c39bca96: [SECURITY] Remove charts.swf to get rid of XSS vulnerability
- The file charts.swf is vulnerable to XSS, is delivered
by ExtJS but not used in TYPO3 CMS at all.
Since the vendor o... - 09:31 Revision 55d5f385: [SECURITY] Add trusted HTTP_HOST configuration
- TYPO3 uses the values of HTTP_HOST in several
places without validating them. This could
lead to a situation where li... - 09:31 Revision efb098b2: [SECURITY] XSS in (old) extension manager information function
- Needs to be fixed also in 6.x, but the affected function is not
used anymore.
Change-Id: Iae077221a4a8ef8f3aacaeb9d6... - 09:31 Revision 94011a3c: [SECURITY] XSS in new content element wizard
- Sanitize user-input colPos in new content element wizard.
Change-Id: I13ff938e7320c68c8ad3f88b0cb688bc4d43d839
Fixes... - 09:31 Revision b62651b0: [SECURITY] XSS in template tools on root page
- Change-Id: I6942457ce27ad22a33efd003ceaa96fa7460c0bf
Fixes: #54109
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... - 09:31 Revision a98ae3ca: [SECURITY] XSS in Backend Layout Wizard
- Change-Id: I7e58e32a4d7146c2c341d756816c29f7c01ed31d
Fixes: #57576
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... - 09:31 Revision 4f7258cf: [SECURITY] Encode URL for use in JavaScript
- The url for the Open in New Window button must be quoted for
use in JavaScript to prevent XSS issues.
Change-Id: If3... - 09:31 Revision 742ad492: [SECURITY] Fix insecure unserialize in colorpicker
- Change-Id: Iee9d2712ae3b489a89604cb7be8c2af27a924fe0
Fixes: #56458
Releases: 6.1, 6.0, 4.7, 4.5
Security-Commit: 36eb... - 09:31 Revision 9bd77764: [SECURITY] Remove charts.swf to get rid of XSS vulnerability
- The file charts.swf is vulnerable to XSS, is delivered
by ExtJS but not used in TYPO3 CMS at all.
Since the vendor o...
2014-05-21
- 12:26 Revision e50f6a64: [BUGFIX] Indexer tries to insert NULL into DB
- The Indexer of indexed_search tries to insert NULL values
into NOT NULL columns of the database.
Since #53662 NULL v... - 12:26 Revision 6a91a909: [BUGFIX] Indexer tries to insert NULL into DB
- The Indexer of indexed_search tries to insert NULL values
into NOT NULL columns of the database.
Since #53662 NULL v...
2014-05-20
- 03:14 Revision 4a3e526a: [BUGFIX] RTE Remove Format removes too much
- The remove format function with msword selected removes too much
content when there is more than one style block in c...
2014-05-19
- 10:17 Revision 849e5f11: [BUGFIX] indexed_search plugin cannot be translated
- The experimental extbase plugin of indexed_search is not
translatable on Pootle because it is still using locallang.x...
2014-05-18
- 15:01 Revision 3d5143b6: [BUGFIX] Missing check if $row[t3ver_state] is set in IconUtility
- As a result of a missing check if $row['t3ver_state'] exists,
an exception is thrown when IconUtility::getIcon() is c...
2014-05-16
- 21:43 Revision 8b264890: [TASK] Cleanup DataHandler functional tests
- Some DataHandler functional test cases are duplicated or are not
required anymore. Here's a list of what has changed ... - 21:24 Revision b36a41ab: [TASK] Extend DataHandler IRRE functional tests
- Extend CSV and ForeignField test with
* copyParentContentToDifferentPage
* modifyHotelChild
Resolves: #58854
Release... - 21:02 Revision 34181bbc: [TASK] Unify DataHandler test structure
- Resolves: #58868
Releases: 6.2
Change-Id: I0f5aeb1d211e542cb323fba11b07a0b8be7d3ed0
Reviewed-on: https://review.typo3...
2014-05-15
- 19:18 Revision 3ee99e99: [BUGFIX] Wrong system requirements link
- Resolves: #58842
Releases: 6.2, 6.1
Change-Id: Ibaf87d32778349d5a87009bcd2b365447e6488fa
Reviewed-on: https://review.... - 19:16 Revision b71a0569: [BUGFIX] Wrong system requirements link
- Resolves: #58842
Releases: 6.2, 6.1
Change-Id: Ibaf87d32778349d5a87009bcd2b365447e6488fa
Reviewed-on: https://review.... - 09:31 Revision 53c830fc: [BUGFIX] FlashMessageService not available in TYPO3 6.0
- Issue #51079 introduced the disposal of FlashMessageService
which has been added for TYPO3 6.1 the first time. It's o...
2014-05-14
- 10:55 Revision f86e016a: [BUGFIX] DependencyUtility does count() on an integer
- Remove the superfluous count() call.
Resolves: #58529
Releases: 6.2, 6.1, 6.0
Change-Id: I0933650b52063009de52268034... - 10:55 Revision 459c34d2: [BUGFIX] DependencyUtility does count() on an integer
- Remove the superfluous count() call.
Resolves: #58529
Releases: 6.2, 6.1, 6.0
Change-Id: I0933650b52063009de52268034...
2014-05-13
- 20:35 Revision 12177afd: [BUGFIX] Wrong path reference for installToolPassword option
- The [BE][installToolPassword] contains a suggestion to additionally
protect the Install Tool by protecting its folder... - 19:32 Revision dd146826: [BUGFIX] Restore registers before early returns
- Having an empty image list or a list of images with empty values
will not restore the loaded registers.
So we must re... - 19:24 Revision 88746ec2: [BUGFIX] Don't rely on not found database records impexp
- The function exec_SELECTgetSingleRow could also return
FALSE in addition to NULL, so add a additional check.
Resolve... - 18:03 Revision 624aef35: [BUGFIX] MM relations are not correctly resolved in Backend view
- DataPreprocessor is taking care of preparing data for the form
view processed in the FormEngine. However, MM relation... - 18:00 Revision 016860ab: [BUGFIX] Invalid module token in openid wizard
- Fix the double htmlspecialchars call by removing the one
in the controller. Fluid does it anyway.
Resolves: #58719
R... - 18:00 Revision d951b22b: [BUGFIX] Sprite icons not shown
- If first hit after clearing cache was not in BE context
some icons are not part of the sprite css.
This patch makes ... - 17:58 Revision deb3c0f4: [BUGFIX] Category tab not shown for file when filemetadata installed
- As a result of the TCA caching changes the order of
the manipulations done in the sys_file_metadata TCA
have changed.... - 17:37 Revision d277119a: [BUGFIX] Remove failing extension installations
- This patch takes care about removing extracted extension folders if an
installation fails. For new extensions the fol...
2014-05-12
- 23:27 Revision 01103d52: [BUGFIX] DataProviderContext uses wrong member field in setter
- Resolves: #58731
Releases: 6.2
Change-Id: Ic3c5417d19b165009ae500a19b565569e2d8b2b2
Reviewed-on: https://review.typo3... - 17:04 Revision 4f982ca0: [TASK] Update to phpunit 4.1
- Do not forget to "composer update" test instances!
Updating from phpunit 3.7 to 4.1 is smooth, except two details:
... - 15:45 Revision 65603ab6: [SECURITY] Extbase must not cache dynamic parts of queries
- Do not cache the enable fields part of queries. This part
needs to be added on each query dynamically to reflect the
... - 10:38 Revision 037d2c7b: [BUGFIX] Check if storage exists before accessing it
- When editing a file mount in the backend, we need to check if
the storage backend actually exists.
Change-Id: I76e67... - 10:33 Revision d071a64b: [BUGFIX] Use file name in delete confirmation message
- Instead of using the file identifier, the actual file name
is used when asking if a file should be deleted.
This is ...
2014-05-08
- 12:29 Revision 6ffdceeb: [BUGFIX] Solve stackoverflow in prototype in IE8
- The reason for this behaviour is the combination of prototype.js
and ExtJS. The ExtJS defer() method takes precedence... - 12:29 Revision fb8370d0: [BUGFIX] Solve stackoverflow in prototype in IE8
- The reason for this behaviour is the combination of prototype.js
and ExtJS. The ExtJS defer() method takes precedence... - 03:18 Revision 3abc7030: [BUGFIX] Default image title in RTE contains the file name
- When inserting an image in the RTE, the default image title should be
the image file title, not the image file name.
...
2014-05-07
- 17:04 Revision f0a43348: [BUGFIX] LocalizationUtility methods should be static
- All public methods of LocalizationUtility are static, but two
protected methods are not. Make those static, too.
Cha... - 00:33 Revision 9da1f2c3: [TASK] Add PHP 5.6 as travis-ci environment
- travis-ci already provides a PHP 5.6 beta build.
It currently executes unit, functional and linting successfully
and ...
Also available in: Atom