Project

General

Profile

Activity

From 2014-05-08 to 2014-06-06

2014-06-06

21:03 Revision 7a876ddc: [TASK] Downgrade to PHPUnit 3.7.*
Suddenly build failures occurred on travis which seem
to be related to ReflectionClass::newInstanceWithoutConstructor...
Helmut Hummel
20:14 Revision ce838380: [BUGFIX] Fix command description
Due to using array_pop instead of array_shift the last line
of the command description is dropped instead of the firs...
Mathias Brodala
20:05 Revision 40219c6d: [BUGFIX] Fix command description
Due to using array_pop instead of array_shift the last line
of the command description is dropped instead of the firs...
Mathias Brodala
11:43 Revision 0f9bd665: [BUGFIX] getIndpEnv('TYPO3_SSL') fails to detect reverseProxyIp
When running TYPO3 behind a reverse proxy, which also handles SSL,
the setting reverseProxySSL should check if the si...
Jan-Erik Revsbech
11:38 Revision b9cb4518: [BUGFIX] getIndpEnv('TYPO3_SSL') fails to detect reverseProxyIp
When running TYPO3 behind a reverse proxy, which also handles SSL,
the setting reverseProxySSL should check if the si...
Jan-Erik Revsbech
11:11 Revision d15687b7: [TASK] Enhance resource storage hooks
Emit postFileCreate and postFileSetContents signals and add
provide the original folder in the postFileMove and the
p...
Alexander Stehlik

2014-06-05

23:07 Revision c578d476: [BUGFIX] Unified maxitems default value for group fields
The maxitems value for a group field defaults to 1 instead of 100000 so
that it is consistent with the TCA reference ...
Alexander Stehlik
22:57 Revision 3b5196b6: [BUGFIX] Admin panel extGetFeAdminValue() overrides are wrong
The current check does not properly consider the override values.
If a override is set, then its value has to be take...
Markus Klein
22:45 Revision 795fa7f5: [BUGFIX] Disabled backend users shown for workspace stage change
On changing the stage of a workspace version, an accordant
dialog is shown with recipients to be informed about this
...
Stefan Rotsch
22:28 Revision 1c766e75: [BUGFIX] Show images in preview of page module
For custom content elements with image these are shown
as thumbs in the list module but not in the page module.
This...
Frans Saris
20:39 Revision 06af78d5: [CLEANUP] Add missing PHP comments in class LogoView
Change-Id: I13d428c7b8a3964e8c376ad2c8d2a4af8c0059f1
Releases: 6.2
Resolves: #59374
Reviewed-on: https://review.typo3...
Fabien Udriot
20:09 Revision 2105c6f4: [BUGFIX] Improve the formatting of help of the CommandController
This aligns the description of the command line options.
Resolves: #59372
Releases: 6.2
Change-Id: I474f8415d3ed62d5...
Stefano Kowalke
19:49 Revision b2114781: [BUGFIX] Illegal string offset 'uid' in TypoScriptFrontendController
Logoff sets user property to an empty string instead of NULL. This
leads to a PHP Warning in PHP 5.4
Change-Id: Ib0e...
Robert Vock
19:46 Revision 928b165e: [BUGFIX] Illegal string offset 'uid' in TypoScriptFrontendController
Logoff sets user property to an empty string instead of NULL. This
leads to a PHP Warning in PHP 5.4
Change-Id: Ib0e...
Robert Vock
13:44 Revision 66bf424e: [BUGFIX] Warning in SearchController
$this->sWArr is not defined SearchController.
Fix this to use the correct $this->searchWords variable.
Change-Id: Ib...
Christian Zenker
13:44 Revision 49b7ac46: [BUGFIX] Warning in SearchController
$this->sWArr is not defined SearchController.
Fix this to use the correct $this->searchWords variable.
Change-Id: Ib...
Christian Zenker
10:29 Revision 79bbd9a3: [BUGFIX] Show content elements from hidden pages in preview
Content elements from hidden pages are no longer shown in previews.
Fix this by checking with a strong comparison in...
Markus Klein
08:42 Revision f731fc36: [BUGFIX] New content elements are always stored on pid 0
Due to patch https://review.typo3.org/#/c/30305/ the string comparison
on colPos fails and new content elements are a...
Markus Klein
08:41 Revision 05bbf375: [BUGFIX] New content elements are always stored on pid 0
Due to patch https://review.typo3.org/#/c/30305/ the string comparison
on colPos fails and new content elements are a...
Markus Klein

2014-06-04

19:45 Revision e00d0bfe: [BUGFIX] Fix frontend unit tests if executed standalone
* Unit tests are allowed for CLI anyway
* Remove allow all in data provider
The latter implicitly caused a global al...
Helmut Hummel
19:43 Revision 2c8a4285: [BUGFIX] Fix frontend unit tests if executed standalone
* Unit tests are allowed for CLI anyway
* Remove allow all in data provider
The latter implicitly caused a global al...
Helmut Hummel
18:16 Revision 15c26140: [BUGFIX] Fix frontend unit tests if executed standalone
* Allow HTTP_HOST access for all unit tests
* Remove allow all in data provider
The latter implicitly caused a globa...
Helmut Hummel
17:58 Revision 13104c3e: [BUGFIX] Show storage and folder of file/folder
To make it possible for an editor to find the real
location of a used file, the storage and folder are
added to the E...
Frans Saris
17:22 Revision c5b01462: [BUGFIX] New content elements are always stored on pid 0
Due to patch https://review.typo3.org/#/c/30305/ the string comparison
on colPos fails and new content elements are a...
Nicole Cordes

2014-06-03

23:53 Revision cd81ccb5: [BUGFIX] DataHandler::log() must not return NULL
Ensure the DataHandler::log() function does return integers
in all cases as denoted in the doc header.
Resolves: #59...
Markus Klein
23:52 Revision 67dbe5b9: [BUGFIX] Show file instead of file_reference info
The irre elements of FAL items have an info icon which shows
some details info about the file_reference. But this is ...
Frans Saris
23:50 Revision c14e786d: [BUGFIX] List module pagination broken
A wrong formula is used to calculate the pointer
for the pages.
This patch also introduces a central function for
cal...
Markus Klein
23:41 Revision 1355d8b6: [BUGFIX] Old TYPO3 logo still in use in ext:workspaces
Replace old logo with the new logo.
Resolves: #59321
Releases: 6.2
Change-Id: I1b4386e0ee614096b4033f00d9fe9136d11a6...
Wouter Wolters
23:39 Revision 59f7440b: [BUGFIX] DataHandler::log() must not return NULL
Ensure the DataHandler::log() function does return integers
in all cases as denoted in the doc header.
Resolves: #59...
Markus Klein
23:14 Revision 8454a698: [TASK] Check and use current file hash and size on export
On creating exports the file hash and size is used from the
sys_file table. Since this could be not up-to-date in rea...
Marc Bastian Heinrichs
23:00 Revision 44b18664: [BUGFIX] Use created folder object for adding images in impexp
A folder to be created could change the name by sanitizing. So
the name of the created folder could differ from the r...
Marc Bastian Heinrichs
22:06 Revision a40a196c: [BUGFIX] ElementBrowser: correct link attributes
This is a regression fix for #55983, which introduced
additional urlencoding for title, class, ...
Remove the encodi...
Markus Klein
18:17 Revision 4fbb2504: [BUGFIX] Fix double ? in eID url for encryption key
The AJAX url for retrieving a new encryption key contains
two question marks. This causes the request to fail.
Fix t...
Markus Klein
18:17 Revision d9d2dd17: [BUGFIX] Fix double ? in eID url for encryption key
The AJAX url for retrieving a new encryption key contains
two question marks. This causes the request to fail.
Fix t...
Markus Klein
18:13 Revision 9576c32c: [BUGFIX] Fix wrong JS function name in RTE
RTE feature "userlinks" generates a wrong JS function
name due to the automatic replacement during the
namespace conv...
Markus Klein
18:13 Revision a708170a: [BUGFIX] Fix wrong JS function name in RTE
RTE feature "userlinks" generates a wrong JS function
name due to the automatic replacement during the
namespace conv...
Markus Klein
18:08 Revision d7919b04: [BUGFIX] Fix double ? in eID url for encryption key
The AJAX url for retrieving a new encryption key contains
two question marks. This causes the request to fail.
Fix t...
Markus Klein
17:11 Revision 50b8effd: [BUGFIX] Fix wrong JS function name in RTE
RTE feature "userlinks" generates a wrong JS function
name due to the automatic replacement during the
namespace conv...
Markus Klein
16:45 Revision f432417e: [BUGFIX] Canonicalize path before checking existence
ResourceFactory fails to detect files in symlinked
scenarios, because the path is not canonicalized before
file exist...
Nils Blattner
16:20 Revision 8fe6901a: [BUGFIX] Request update broken for select fields
For select-type fields displayed as two side-by-side selectors
which are registered as "requestUpdate" fields, the fo...
Francois Suter

2014-06-02

18:23 Revision 1e6c9544: [BUGFIX] TCA maxitems for FAL permissions wrong
The setting for maxitems in the TCA of be_users and be_groups for
FAL permissions are wrong.
Fix the value to match t...
Markus Klein
12:41 Revision 9af2142b: [BUGFIX] Make object access work with ObjectStorage
ObjectAccess->getPropertyPath() does not work with
ObjectStorage and numerical indexes, but it should be
because with...
Helmut Hummel

2014-06-01

21:04 Revision 1d23e5e0: [BUGFIX] Keep session cookie if session data is present
The AbstractUserAuthentication::checkAuthentication() method calls
the logoff() method on every failed login attempt....
Helmut Hummel

2014-05-30

17:20 Revision d357653b: [BUGFIX] Always add wrapping div if dividers2tabs is disabled
TCEforms is not wrapped in a div when dividers2tabs is disabled
and a inline-element form element is present. As a re...
Frans Saris

2014-05-29

16:43 Revision 40b0ac51: [BUGFIX] Do not use self:: within closures
This is not possible in PHP 5.3.
Resolves: #59203
Releases: 6.2
Change-Id: I108578f7635c50493a3b5d7a7fc81c021805abf8...
Markus Klein
16:38 Revision 34f254ba: [BUGFIX] Flexform element title is cropped to hardcoded length
The title of a flexform element is cropped to maximum length of 30
characters. Instead it should obey the maximum tit...
Sebastian Michaelsen
16:34 Revision e5eb4b46: [BUGFIX] Flexform element title is cropped to hardcoded length
The title of a flexform element is cropped to maximum length of 30
characters. Instead it should obey the maximum tit...
Sebastian Michaelsen
16:19 Revision 6deca0f7: [BUGFIX] Admin panel text selection
Fixes: #58485
Releases: 6.2
Change-Id: I9c3243b2cca9edb89d262a4d3f9cde17b906d440
Reviewed-on: https://review.typo3.or...
Goran Medakovic
16:12 Revision 9ffc7865: [TASK] Use self:: where possible in GeneralUtility
It's common sense to use self:: where possible because it's quicker and
makes code better understandable.
This chang...
Sebastian Michaelsen
15:48 Revision 91640252: [BUGFIX] Fix redirect to install tool in new installations
When setting up a new TYPO3 installation, TYPO3 should redirect
to the install tool, when accessing the frontend or b...
Markus Klein
15:39 Revision 3a1fd2b9: [BUGFIX] Fix redirect to install tool in new installations
When setting up a new TYPO3 installation, TYPO3 should redirect
to the install tool, when accessing the frontend or b...
Markus Klein
13:26 Revision f377c8f2: [BUGFIX] EM: Handle missing dependencies in emconf
ext_emconf.php may lack the dependencies array. This will cause
a PHP warning in a foreach loop.
Fix this by checkin...
Markus Klein
12:06 Revision 5e6359df: [BUGFIX] Indexed search static call to non-static function
Resolves: #58756
Releases: 6.2
Change-Id: Ide09c7792e9b24afe480230893cac18570ce4f19
Reviewed-on: https://review.typo3...
Markus Klein

2014-05-28

19:13 Revision 8bdcbc19: [BUGFIX] Correct minor typo in "About TYPO3 CMS"
This patch corrects a minor typo in module: Web -> About TYPO3 CMS.
It currently reads "TYPO3 CMS is a enterprise-cla...
Michael Schams
14:12 Revision 3e6e8ec8: [BUGFIX] Parent language is not applied to new child records
If localizing a parent-child structure, usually the language
of the parent element shall be applied to related child ...
David Greiner
14:11 Revision cf9ca274: [BUGFIX] Parent language is not applied to new child records
If localizing a parent-child structure, usually the language
of the parent element shall be applied to related child ...
David Greiner
09:24 Revision 552e8b28: [BUGFIX] Added missing TCEforms palette-header padding
With the cleanup of the backend styles a padding of the
pallete header got missing.
This patch adds this padding jus...
Frans Saris

2014-05-26

17:45 Revision e0be1254: [BUGFIX] New content elements are always stored on pid 0
Due to patch https://review.typo3.org/#/c/30305/ the string comparison
on colPos fails and new content elements are a...
Nicole Cordes
11:58 Revision ee896746: [BUGFIX] New content elements are always stored on pid 0
Due to patch https://review.typo3.org/#/c/30305/ the string comparison
on colPos fails and new content elements are a...
Nicole Cordes

2014-05-23

15:42 Revision 9a47bd20: [BUGFIX] Inserting custom element in RTE throws exception
Problem: Token validation fails.
Solution: Use BackendUtility::getModuleUrl to ensure validity of token.
Resolves: #...
Stanislas Rolland
10:28 Revision 03afcdbf: [BUGFIX] Alternative implementations for view helpers do not work
Extbase allows to register alternative implementations for
objects. However that does not work for view helpers using...
Marc Bastian Heinrichs
10:20 Revision 003c6628: [BUGFIX] Alternative implementations for view helpers do not work
Extbase allows to register alternative implementations for
objects. However that does not work for view helpers using...
Marc Bastian Heinrichs
10:12 Revision 03bf947c: [BUGFIX] Alternative implementations for view helpers do not work
Extbase allows to register alternative implementations for
objects. However that does not work for view helpers using...
Marc Bastian Heinrichs
05:19 Revision 68751f60: [TASK] Raise maximum settable numbers in export
The maximums for today's exports are limited to strict.
It's 10MB for a settable file size included in exports;
raise...
Marc Bastian Heinrichs
00:22 Revision 418e3130: [BUGFIX] Wrong HTML in locallang_csh_pages.xlf
lang/4.5/locallang_csh_pages.xlf contains invalid
HTML structure a <p> tag should actually be a <b> tag.
Resolves: #...
Markus Klein
00:18 Revision ef2ec950: [CLEANUP] Code cleanup for LanguageService
* Avoid unnecessary fully qualified class names
* Add return NULL for consistency if a method only returns a value
...
Sebastian Michaelsen
00:13 Revision 28fa5811: [BUGFIX] Fix saving non public export presets
Fix sql error "Column 'public' cannot be null" on saving
with unchecked box public.
Resolves: #57405
Releases: 6.2
C...
Marc Bastian Heinrichs
00:12 Revision 38b178bc: [BUGFIX] Set default permissions for new files to 0664
Change-Id: I4c71414dca763d9ba29ab93b18a0389941f51af7
Resolves: #58809
Releases: 6.2
Reviewed-on: https://review.typo3...
Caspar Stuebs
00:06 Revision 6118ac5f: [BUGFIX] Fix url for youtube embeds
Additionally solve the problem when http:// is missing
due to usage of the link wizard.
Change-Id: I676d14b4ddf81d5d...
Thomas Löffler
00:04 Revision 81e31f18: [BUGFIX] SoftReferenceIndex support for more values in class attribute
The SoftReferenceIndex parses and rebuilds typolink tags, but the
support for more than one value in class attribute ...
Marc Bastian Heinrichs

2014-05-22

16:12 Revision 94f1e325: [BUGFIX] Wrong HTML in locallang_csh_pages.xlf
lang/4.5/locallang_csh_pages.xlf contains invalid
HTML structure a <p> tag should actually be a <b> tag.
Resolves: #...
Markus Klein
16:12 Revision 0c692c99: [BUGFIX] Wrong HTML in locallang_csh_pages.xlf
lang/4.5/locallang_csh_pages.xlf contains invalid
HTML structure a <p> tag should actually be a <b> tag.
Resolves: #...
Markus Klein
15:03 Revision f954a795: [BUGFIX] TCA tree fail to load with IRRE
The TCA tree element fail to load inside IRRE, in some condition
(when the record is not loaded/opened)
Change-Id: I...
Xavier Perseguers
15:02 Revision b908b7da: [BUGFIX] Fix description of userHomePath and groupHomePath
Since making userHomePath and groupHomePath FAL compatible
the descriptions in DefaultConfiguration don't fit anymore...
Marc Bastian Heinrichs
14:10 Revision bb15d44c: [BUGFIX] Fix relative path resolution in include static
Fix the usage of relative paths in INCLUDE_TYPOSCRIPT inclusions of
static templates from extensions.
EXT:myext/Conf...
Markus Klein
14:09 Revision c87150d0: [BUGFIX] PathUtility::get...FileOrPath() does not work with basepath
PathUtility::getAbsolutePathOfRelativeReferencedFileOrPath()
Add a check to the function to identify a given basepath...
Markus Klein
14:07 Revision f0ac518f: [BUGFIX] Properly check existence of array item
The flexform converter in ContentObjectRenderer tries to access
an array element on a non-array.
Check existence wit...
Markus Klein
14:07 Revision 203c1eb9: [BUGFIX] Inaccessible pages on shortcuts/PageNotFound handler
The var pageNotFound is set, if the called page has access
restrictions. Afterwards starts a searching for an accessi...
Alexander Opitz
13:48 Revision d6e63ca5: [BUGFIX] Fix failing unit tests for HTTP host check in CLI mode
The unit tests for the recent HTTP host fix are failing
if executed in CLI mode.
In CLI mode no server environments a...
Helmut Hummel
13:48 Revision 420b5c8d: [BUGFIX] Fix failing unit tests for HTTP host check in CLI mode
The unit tests for the recent HTTP host fix are failing
if executed in CLI mode.
In CLI mode no server environments a...
Helmut Hummel
13:43 Revision c10bcb8d: [BUGFIX] Fix failing unit tests for HTTP host check in CLI mode
The unit tests for the recent HTTP host fix are failing
if executed in CLI mode.
In CLI mode no server environments a...
Helmut Hummel
10:18 Revision ff4db83b: [TASK] Set TYPO3 version to 6.2.4-dev
Change-Id: Ic42722b40b91e61dfd839241b91b9ff31a322259
Reviewed-on: https://review.typo3.org/30317
Reviewed-by: TYPO3 R...
TYPO3 Release Team
10:17 Revision 30b091ae: [RELEASE] Release of TYPO3 6.2.3
Change-Id: Ib7b6505d59bdec51f537afec80678c11c0ad0b89
Reviewed-on: https://review.typo3.org/30316
Reviewed-by: TYPO3 R...
TYPO3 Release Team
10:04 Revision 2b0b9ad6: [TASK] Set TYPO3 version to 6.1.10-dev
Change-Id: I4f3b6dc5fe3e7e64365b632d6bd2656cd45d1378
Reviewed-on: https://review.typo3.org/30315
Reviewed-by: TYPO3 R...
TYPO3 Release Team
10:04 Revision 211c2332: [RELEASE] Release of TYPO3 6.1.9
Change-Id: I68884dbd5ac459c84ad18a14e7c7df30701ad72c
Reviewed-on: https://review.typo3.org/30314
Reviewed-by: TYPO3 R...
TYPO3 Release Team
09:56 Revision fa09ccd3: [TASK] Set TYPO3 version to 6.0.15-dev
Change-Id: Ib72fe2ce5ab6ffc02623db7cb807980496eec301
Reviewed-on: https://review.typo3.org/30313
Reviewed-by: TYPO3 R...
TYPO3 Release Team
09:55 Revision 146b4c9f: [RELEASE] Release of TYPO3 6.0.14
Change-Id: I08089195ded2aa1b150139c7a9d944e38af92887
Reviewed-on: https://review.typo3.org/30312
Reviewed-by: TYPO3 R...
TYPO3 Release Team
09:48 Revision 854cca55: [TASK] Set TYPO3 version to 4.7.20-dev
Change-Id: I74224483b538dad32994bdc1ae10eb014f3efafd
Reviewed-on: https://review.typo3.org/30311
Reviewed-by: TYPO3 R...
TYPO3 Release Team
09:48 Revision a1382a88: [RELEASE] Release of TYPO3 4.7.19
Change-Id: I81bf2c94f0c4a8157788d3b3f0acf64eae2ce6c6
Reviewed-on: https://review.typo3.org/30310
Reviewed-by: TYPO3 R...
TYPO3 Release Team
09:39 Revision dd2d0ad3: [TASK] Set TYPO3 version to 4.5.35-dev
Change-Id: Iffabf254620824d1d0b7a42e239576bd3aa73791
Reviewed-on: https://review.typo3.org/30309
Reviewed-by: TYPO3 R...
TYPO3 Release Team
09:38 Revision 67deb70e: [RELEASE] Release of TYPO3 4.5.34
Change-Id: I296aa228d3d9ffda43cf99a41d3ac36d8b93f439
Reviewed-on: https://review.typo3.org/30308
Reviewed-by: TYPO3 R...
TYPO3 Release Team
09:34 Revision ab7a9f85: [SECURITY] Add trusted HTTP_HOST configuration
TYPO3 uses the values of HTTP_HOST in several
places without validating them. This could
lead to a situation where li...
Helmut Hummel
09:34 Revision 3858e461: [SECURITY] XSS in (old) extension manager information function
Needs to be fixed also in 6.x, but the affected function is not
used anymore.
Change-Id: If10b0cf25015eada0657aaebc1...
Nicole Cordes
09:34 Revision 6c6ae4b6: [SECURITY] XSS in new content element wizard
Sanitize user-input colPos in new content element wizard.
Change-Id: Ifa90ea1ede3b6c2a5436c505993c533803306d01
Fixes...
Marcus Krause
09:33 Revision 1e2843b4: [SECURITY] XSS in template tools on root page
Change-Id: I2b5214e666d1c9edc5354dd3983401038e9aaf66
Fixes: #54109
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:...
Marc Bastian Heinrichs
09:33 Revision 938f7f84: [SECURITY] XSS in Backend Layout Wizard
Change-Id: I096d26b3eee20493b146633bda11529890be59dc
Fixes: #57576
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:...
Helmut Hummel
09:33 Revision 5ecbf238: [SECURITY] Encode URL for use in JavaScript
The url for the Open in New Window button must be quoted for
use in JavaScript to prevent XSS issues.
Change-Id: I3e...
Jigal van Hemert
09:33 Revision d591b1d4: [SECURITY] Session timeout can be circumvented once
Fix the AbstractUserAuthentication class to properly invalidate
the current session if it timed out.
Change-Id: Id50...
Markus Klein
09:33 Revision d554ac53: [SECURITY] Remove charts.swf to get rid of XSS vulnerability
The file charts.swf is vulnerable to XSS, is delivered
by ExtJS but not used in TYPO3 CMS at all.
Since the vendor o...
Helmut Hummel
09:33 Revision 6fafbf7d: [SECURITY] Add trusted HTTP_HOST configuration
TYPO3 uses the values of HTTP_HOST in several
places without validating them. This could
lead to a situation where li...
Helmut Hummel
09:33 Revision 2994a1c5: [SECURITY] XSS in (old) extension manager information function
Needs to be fixed also in 6.x, but the affected function is not
used anymore.
Change-Id: I434689d4065496330a92e7086e...
Nicole Cordes
09:33 Revision 12741ad6: [SECURITY] XSS in new content element wizard
Sanitize user-input colPos in new content element wizard.
Change-Id: I68ee05a9113b2a0266c0be612b1a10272cb986a2
Fixes...
Marcus Krause
09:33 Revision 7595ad45: [SECURITY] XSS in template tools on root page
Change-Id: I2958dcc7cecf8ef980d90dae66c6bd2df432ce4b
Fixes: #54109
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:...
Marc Bastian Heinrichs
09:33 Revision 69658064: [SECURITY] XSS in Backend Layout Wizard
Change-Id: Ie3f08333e417d8d208b3b36b208056efd4dbcec0
Fixes: #57576
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:...
Helmut Hummel
09:33 Revision 54e46912: [SECURITY] Encode URL for use in JavaScript
The url for the Open in New Window button must be quoted for
use in JavaScript to prevent XSS issues.
Change-Id: I84...
Jigal van Hemert
09:33 Revision b6826ff0: [SECURITY] Fix insecure unserialize in colorpicker
Change-Id: Id3a692cdccb2d3a9ae46ae635ee5c316fa36e371
Fixes: #56458
Releases: 6.1, 6.0, 4.7, 4.5
Security-Commit: 3981...
Helmut Hummel
09:32 Revision 32efb1b0: [SECURITY] Remove charts.swf to get rid of XSS vulnerability
The file charts.swf is vulnerable to XSS, is delivered
by ExtJS but not used in TYPO3 CMS at all.
Since the vendor o...
Helmut Hummel
09:32 Revision 37273fb0: [SECURITY] Add trusted HTTP_HOST configuration
TYPO3 uses the values of HTTP_HOST in several
places without validating them. This could
lead to a situation where li...
Helmut Hummel
09:32 Revision edd27ad6: [SECURITY] XSS in (old) extension manager information function
Needs to be fixed also in 6.x, but the affected function is not
used anymore.
Change-Id: Ida71054ffeaf963aed1da4674e...
Nicole Cordes
09:32 Revision 00f00b15: [SECURITY] XSS in new content element wizard
Sanitize user-input colPos in new content element wizard.
Change-Id: Ic43566fc93fadf6a1d997ff73bf027468001fb38
Fixes...
Marcus Krause
09:32 Revision 6b7f3a88: [SECURITY] XSS in template tools on root page
Change-Id: I3fb1c66314c6ef05d7f243a79c6af12466376078
Fixes: #54109
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:...
Marc Bastian Heinrichs
09:32 Revision 5935348a: [SECURITY] XSS in Backend Layout Wizard
Change-Id: I95af00f6eedd9635e31c375922dc8fc90d930c0e
Fixes: #57576
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:...
Helmut Hummel
09:32 Revision dda17393: [SECURITY] Encode URL for use in JavaScript
The url for the Open in New Window button must be quoted for
use in JavaScript to prevent XSS issues.
Change-Id: Id4...
Jigal van Hemert
09:32 Revision 5e00a13d: [SECURITY] Fix insecure unserialize in colorpicker
Change-Id: Id31f4a16308484fd3d9c799f1dbf4473464508ca
Fixes: #56458
Releases: 6.1, 6.0, 4.7, 4.5
Security-Commit: ac30...
Helmut Hummel
09:32 Revision 0f29e1f1: [SECURITY] Remove charts.swf to get rid of XSS vulnerability
The file charts.swf is vulnerable to XSS, is delivered
by ExtJS but not used in TYPO3 CMS at all.
Since the vendor o...
Helmut Hummel
09:32 Revision 07eba3e2: [SECURITY] Add trusted HTTP_HOST configuration
TYPO3 uses the values of HTTP_HOST in several
places without validating them. This could
lead to a situation where li...
Helmut Hummel
09:32 Revision ec33bebb: [SECURITY] XSS in (old) extension manager information function
Needs to be fixed also in 6.x, but the affected function is not
used anymore.
Change-Id: Ib8d753d707d2ff2b7f8e634311...
Marc Bastian Heinrichs
09:32 Revision fb096e30: [SECURITY] XSS in new content element wizard
Sanitize user-input colPos in new content element wizard.
Change-Id: Ieb45500aa10b65c82fd8fff59204eb1503c90a22
Fixes...
Markus Klein
09:32 Revision 1389da5c: [SECURITY] XSS in template tools on root page
Change-Id: If78f319f61a3d064a4f25f30c7e8971ba761fde4
Fixes: #54109
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:...
Marc Bastian Heinrichs
09:31 Revision 65fc32f8: [SECURITY] XSS in Backend Layout Wizard
Change-Id: Iff1e645df4fe3e85e064730acddaf4d29a5e5bce
Fixes: #57576
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:...
Nicole Cordes
09:31 Revision 7bec5c86: [SECURITY] Encode URL for use in JavaScript
The url for the Open in New Window button must be quoted for
use in JavaScript to prevent XSS issues.
Change-Id: I5b...
Markus Klein
09:31 Revision b907b64b: [SECURITY] Fix insecure unserialize in colorpicker
Change-Id: I78b29a745c23c1b1d5359226a24150aad0dff764
Fixes: #56458
Releases: 6.1, 6.0, 4.7, 4.5
Security-Commit: 0682...
Helmut Hummel
09:31 Revision c39bca96: [SECURITY] Remove charts.swf to get rid of XSS vulnerability
The file charts.swf is vulnerable to XSS, is delivered
by ExtJS but not used in TYPO3 CMS at all.
Since the vendor o...
Helmut Hummel
09:31 Revision 55d5f385: [SECURITY] Add trusted HTTP_HOST configuration
TYPO3 uses the values of HTTP_HOST in several
places without validating them. This could
lead to a situation where li...
Helmut Hummel
09:31 Revision efb098b2: [SECURITY] XSS in (old) extension manager information function
Needs to be fixed also in 6.x, but the affected function is not
used anymore.
Change-Id: Iae077221a4a8ef8f3aacaeb9d6...
Marc Bastian Heinrichs
09:31 Revision 94011a3c: [SECURITY] XSS in new content element wizard
Sanitize user-input colPos in new content element wizard.
Change-Id: I13ff938e7320c68c8ad3f88b0cb688bc4d43d839
Fixes...
Markus Klein
09:31 Revision b62651b0: [SECURITY] XSS in template tools on root page
Change-Id: I6942457ce27ad22a33efd003ceaa96fa7460c0bf
Fixes: #54109
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:...
Marc Bastian Heinrichs
09:31 Revision a98ae3ca: [SECURITY] XSS in Backend Layout Wizard
Change-Id: I7e58e32a4d7146c2c341d756816c29f7c01ed31d
Fixes: #57576
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:...
Nicole Cordes
09:31 Revision 4f7258cf: [SECURITY] Encode URL for use in JavaScript
The url for the Open in New Window button must be quoted for
use in JavaScript to prevent XSS issues.
Change-Id: If3...
Markus Klein
09:31 Revision 742ad492: [SECURITY] Fix insecure unserialize in colorpicker
Change-Id: Iee9d2712ae3b489a89604cb7be8c2af27a924fe0
Fixes: #56458
Releases: 6.1, 6.0, 4.7, 4.5
Security-Commit: 36eb...
Helmut Hummel
09:31 Revision 9bd77764: [SECURITY] Remove charts.swf to get rid of XSS vulnerability
The file charts.swf is vulnerable to XSS, is delivered
by ExtJS but not used in TYPO3 CMS at all.
Since the vendor o...
Helmut Hummel

2014-05-21

12:26 Revision e50f6a64: [BUGFIX] Indexer tries to insert NULL into DB
The Indexer of indexed_search tries to insert NULL values
into NOT NULL columns of the database.
Since #53662 NULL v...
Markus Klein
12:26 Revision 6a91a909: [BUGFIX] Indexer tries to insert NULL into DB
The Indexer of indexed_search tries to insert NULL values
into NOT NULL columns of the database.
Since #53662 NULL v...
Markus Klein

2014-05-20

03:14 Revision 4a3e526a: [BUGFIX] RTE Remove Format removes too much
The remove format function with msword selected removes too much
content when there is more than one style block in c...
Stanislas Rolland

2014-05-19

10:17 Revision 849e5f11: [BUGFIX] indexed_search plugin cannot be translated
The experimental extbase plugin of indexed_search is not
translatable on Pootle because it is still using locallang.x...
Robert Vock

2014-05-18

15:01 Revision 3d5143b6: [BUGFIX] Missing check if $row[t3ver_state] is set in IconUtility
As a result of a missing check if $row['t3ver_state'] exists,
an exception is thrown when IconUtility::getIcon() is c...
Frans Saris

2014-05-16

21:43 Revision 8b264890: [TASK] Cleanup DataHandler functional tests
Some DataHandler functional test cases are duplicated or are not
required anymore. Here's a list of what has changed ...
Oliver Hader
21:24 Revision b36a41ab: [TASK] Extend DataHandler IRRE functional tests
Extend CSV and ForeignField test with
* copyParentContentToDifferentPage
* modifyHotelChild
Resolves: #58854
Release...
Oliver Hader
21:02 Revision 34181bbc: [TASK] Unify DataHandler test structure
Resolves: #58868
Releases: 6.2
Change-Id: I0f5aeb1d211e542cb323fba11b07a0b8be7d3ed0
Reviewed-on: https://review.typo3...
Oliver Hader

2014-05-15

19:18 Revision 3ee99e99: [BUGFIX] Wrong system requirements link
Resolves: #58842
Releases: 6.2, 6.1
Change-Id: Ibaf87d32778349d5a87009bcd2b365447e6488fa
Reviewed-on: https://review....
Markus Klein
19:16 Revision b71a0569: [BUGFIX] Wrong system requirements link
Resolves: #58842
Releases: 6.2, 6.1
Change-Id: Ibaf87d32778349d5a87009bcd2b365447e6488fa
Reviewed-on: https://review....
Markus Klein
09:31 Revision 53c830fc: [BUGFIX] FlashMessageService not available in TYPO3 6.0
Issue #51079 introduced the disposal of FlashMessageService
which has been added for TYPO3 6.1 the first time. It's o...
Oliver Hader

2014-05-14

10:55 Revision f86e016a: [BUGFIX] DependencyUtility does count() on an integer
Remove the superfluous count() call.
Resolves: #58529
Releases: 6.2, 6.1, 6.0
Change-Id: I0933650b52063009de52268034...
Markus Klein
10:55 Revision 459c34d2: [BUGFIX] DependencyUtility does count() on an integer
Remove the superfluous count() call.
Resolves: #58529
Releases: 6.2, 6.1, 6.0
Change-Id: I0933650b52063009de52268034...
Markus Klein

2014-05-13

20:35 Revision 12177afd: [BUGFIX] Wrong path reference for installToolPassword option
The [BE][installToolPassword] contains a suggestion to additionally
protect the Install Tool by protecting its folder...
Markus Klein
19:32 Revision dd146826: [BUGFIX] Restore registers before early returns
Having an empty image list or a list of images with empty values
will not restore the loaded registers.
So we must re...
Jo Hasenau
19:24 Revision 88746ec2: [BUGFIX] Don't rely on not found database records impexp
The function exec_SELECTgetSingleRow could also return
FALSE in addition to NULL, so add a additional check.
Resolve...
Marc Bastian Heinrichs
18:03 Revision 624aef35: [BUGFIX] MM relations are not correctly resolved in Backend view
DataPreprocessor is taking care of preparing data for the form
view processed in the FormEngine. However, MM relation...
Oliver Hader
18:00 Revision 016860ab: [BUGFIX] Invalid module token in openid wizard
Fix the double htmlspecialchars call by removing the one
in the controller. Fluid does it anyway.
Resolves: #58719
R...
Markus Klein
18:00 Revision d951b22b: [BUGFIX] Sprite icons not shown
If first hit after clearing cache was not in BE context
some icons are not part of the sprite css.
This patch makes ...
Frans Saris
17:58 Revision deb3c0f4: [BUGFIX] Category tab not shown for file when filemetadata installed
As a result of the TCA caching changes the order of
the manipulations done in the sys_file_metadata TCA
have changed....
Frans Saris
17:37 Revision d277119a: [BUGFIX] Remove failing extension installations
This patch takes care about removing extracted extension folders if an
installation fails. For new extensions the fol...
Nicole Cordes

2014-05-12

23:27 Revision 01103d52: [BUGFIX] DataProviderContext uses wrong member field in setter
Resolves: #58731
Releases: 6.2
Change-Id: Ic3c5417d19b165009ae500a19b565569e2d8b2b2
Reviewed-on: https://review.typo3...
Tim Schreiner
17:04 Revision 4f982ca0: [TASK] Update to phpunit 4.1
Do not forget to "composer update" test instances!
Updating from phpunit 3.7 to 4.1 is smooth, except two details:
...
Christian Kuhn
15:45 Revision 65603ab6: [SECURITY] Extbase must not cache dynamic parts of queries
Do not cache the enable fields part of queries. This part
needs to be added on each query dynamically to reflect the
...
Markus Klein
10:38 Revision 037d2c7b: [BUGFIX] Check if storage exists before accessing it
When editing a file mount in the backend, we need to check if
the storage backend actually exists.
Change-Id: I76e67...
Christian Weiske
10:33 Revision d071a64b: [BUGFIX] Use file name in delete confirmation message
Instead of using the file identifier, the actual file name
is used when asking if a file should be deleted.
This is ...
Christian Weiske

2014-05-08

12:29 Revision 6ffdceeb: [BUGFIX] Solve stackoverflow in prototype in IE8
The reason for this behaviour is the combination of prototype.js
and ExtJS. The ExtJS defer() method takes precedence...
Jigal van Hemert
12:29 Revision fb8370d0: [BUGFIX] Solve stackoverflow in prototype in IE8
The reason for this behaviour is the combination of prototype.js
and ExtJS. The ExtJS defer() method takes precedence...
Jigal van Hemert
03:18 Revision 3abc7030: [BUGFIX] Default image title in RTE contains the file name
When inserting an image in the RTE, the default image title should be
the image file title, not the image file name.
...
Stanislas Rolland
 

Also available in: Atom