Activity
From 2014-05-21 to 2014-06-19
2014-06-19
- 21:43 Revision 7f4cc74e: [BUGFIX] Pass field name variable to flexform DS utility
- A field name parameter is not being passed from within
DataHandler when copying a record which has a FlexForm
DF asso... - 21:34 Revision 03a084e1: [BUGFIX] Pass field name variable to flexform DS utility
- A field name parameter is not being passed from within
DataHandler when copying a record which has a FlexForm
DF asso... - 21:34 Revision 4436848e: [BUGFIX] Pass field name variable to flexform DS utility
- A field name parameter is not being passed from within
DataHandler when copying a record which has a FlexForm
DF asso... -
19:11 Revision 29b00301: [BUGFIX] Remove warnings in ImportExportController.php
- This patch adds cleanup to prevent warnings when accessing the
import/export module.
Resolves: #58534
Releases: 6.3,... -
- This patch adds cleanup to prevent warnings when accessing the
import/export module.
Resolves: #58534
Releases: 6.3,... - 18:43 Revision 8ed935c9: [FEATURE] Add uid to SysDomainCache
- If you are building an extension, that outputs
data depending on a selected domain, it is easier
to compare the uid o... -
18:38 Revision ca201f35: [TASK] Extension manager: default sorting for Extensions
- EM "Get Extension" does not show the awesome extension culture
that lives in the TER. Change sorting basically with t... -
- EM "Get Extension" does not show the awesome extension culture
that lives in the TER. Change sorting basically with t... -
18:35 Revision 6fbac4bb: [TASK] Ensure that cli user is admin on extension install and uninstall
- Extension install and uninstall is an admin task. Calling the belonging
CommandController on cli should ensure, that ... -
- Extension install and uninstall is an admin task. Calling the belonging
CommandController on cli should ensure, that ... -
17:24 Revision 08ab8684: [BUGFIX] Fix RTE file links migration
- Links in RTE might be stored as <LINK or <link.
Currently the upgrade wizards lacks support for <LINK.
Add this to th... -
- Links in RTE might be stored as <LINK or <link.
Currently the upgrade wizards lacks support for <LINK.
Add this to th...
2014-06-18
-
01:43 Revision 5ef754be: [BUGFIX] Wrong check for showing folder clickmenu
- This patch fixes a wrong check that prevents the clickmenu
from showing for folders in the filelist.
Resolves: #5956... -
- This patch fixes a wrong check that prevents the clickmenu
from showing for folders in the filelist.
Resolves: #5956... -
- Remove the lines as they have not been valid, nobody will miss them.
Resolves: #57716
Releases: 6.3, 6.2
Change-Id: ... -
- Remove the lines as they have not been valid, nobody will miss them.
Resolves: #57716
Releases: 6.3, 6.2
Change-Id: ...
2014-06-17
-
- This patch fixed the alignment of the clear input icon in the
date input fields and the trigger icon outside the date... -
- This patch fixed the alignment of the clear input icon in the
date input fields and the trigger icon outside the date... -
20:13 Revision 0f7f9664: [TASK] Set TYPO3 version to 6.3-dev
- Releases: 6.3
Change-Id: Ie6aef74f866ac9b93e752a777ce6313126d8a32f
Reviewed-on: https://review.typo3.org/30786
Review... -
- PHP fatal error due to the invalid call to non-existing method
ExtensionManagementService::resolveDependenciesAndInst... -
- If moving an element to a different page, the page tree only
visualizes the change in the source page, but does not v... -
- The workspace module defines several states:
edited, moved, created, hidden, unhidden, deleted
The states "hidden" a... -
- If e.g. a content element gets moved to a different page, the
workspace preview link opens the source page (which doe... -
00:23 Revision df11f015: Revert "[BUGFIX] Session cookie is not recreated on login"
- This reverts commit 76741dff7b967b88aa1d6e556500a77716c7a97a
(https://review.typo3.org/29626)
This change is not nee...
2014-06-16
-
- Field labels are not shown if opening the history of an
element in the workspace module.
Resolves: #59546
Releases: ...
2014-06-13
-
- Issue #31951 introduced a breaking change in changing the order
of constructor arguments in the form PostProcessor. T... -
13:22 Revision 8bd1988d: [BUGFIX] Own Layout Breaks Mail Message
- With this patch it is possible to configure custom layouts
for the form, confirmation, and each type of post processo... -
- In the scope of enabling Extbase frontend rendering during
functional test runs, the response object contains multipl... -
09:50 Revision 5dba6de7: [BUGFIX] Extensionmanager does not show error messages on update failure
- The extension manager fails to show any error message if an extension
update fails.
Convert exceptions (e.g. depende... -
08:59 Revision 15ffdb20: [BUGFIX] Erroneous date sorting in File List
- The sorting by date fails in the Filelist module when more
than 9 files with the same date are found since the numeri...
2014-06-12
-
- The functional frontend tests are extended with basic FAL
use-cases in the live workspaces, as well as for modifying,... -
- During workspace move operations sometimes a warning like
this can be found:
102: These fields are not properly up... -
- Having a parent-child structure spanning three levels, only the
first and second level elements are moved to a differ... -
- Clicking the "all workspaces" tab in the workspace backend
module as regular editor does not have any action and actu... -
- Testing the frontend behavior in functional tests creates
currently an own PHP sub-request to execute TypoScript in
f... -
- Preview links should not be shown in the backend, if pages are
deleted in a workspace. Currently both page tree conte... -
14:26 Revision 4477f277: [TASK] Trigger events in DragUploader
- The DragUploader implementation prevents most of its JavaScript
API to be interacted with from outside the module. Es... -
14:17 Revision 43e5e4cc: [BUGFIX] sys_news on login with twice hsc
- Set RteHtmlParser in dontHSC_rte modus to fix garbled output.
Resolves: #25188
Releases: 6.2, 6.1
Change-Id: Ib01c3f... -
- Set RteHtmlParser in dontHSC_rte modus to fix garbled output.
Resolves: #25188
Releases: 6.2, 6.1
Change-Id: Ib01c3f... -
13:39 Revision 284c5a81: [BUGFIX] Unnecessary instantiation of objects in contentObjectRender
- Classes implementing the hook cObjTypeAndClass are instantiated each
time a contentObjectRender is created, even if t... - 12:42 Revision eeaad611: [BUGFIX] AddQueryStringMethod overwrites parameters
- Uri parameters are overwritten when using both POST and GET parameters
with the addQueryStringMethod functionality of... -
- This patch adds a check to the SystemEnvironment checks to test
whether any method for retrieving external files is a... -
08:27 Revision 7c7792d9: [FEATURE] Display loading mask in Extension Manager
- Add a loading mask effect, whenever the User has clicked
on one of the two buttons of the compatibility check message...
2014-06-11
-
23:31 Revision df9399a1: [BUGFIX] TS/EM constant categories cannot be localized
- Constant categories may now be localized using a construct similar
to defining custom subcategories:
Fixes: #57369
D... -
22:45 Revision 27b85a41: [BUGFIX] Fix PHP Warning on executing Database Analyzer without changes
- When running the Database Analyzers "Execute" without checking at least
one checkbox you get a PHP Warning "array_mer... -
22:41 Revision 90b0b4a3: [BUGFIX] FollowUp to "Invalid localization overlay of cObject FILES"
- When fixing language overlay of cObject FILES, the mocking in the unit
test was not adapted.
Resolves: #58352
Resolv... -
- The extbase query cache is enabled by default. This patch
adds a TypoScript setting to enable or disable the cache in... -
- Whenever installing an extension, the file located at
EXT:ext_key/Initialisation/data.t3d is detected and its content... -
16:59 Revision 92907937: [BUGFIX] Fix set_no_cache() log level severity
- The array key that is used to check if a Backend user is logged in
is fixed.
Resolves: #59495
Releases: 6.2
Change-I... -
- The TypoScript cObject FILES does not consider localization
overlays and behavior correctly when it comes additional
... -
- This patch adds a new action to show all unresolved dependencies and
adds the possibility to bypass all system and ve... -
16:35 Revision 14183c8d: [BUGFIX] PAGE_TSCONFIG_ID is not visible in TCA wizards
- The placeholder PAGE_TSCONFIG_ID may be used in a foreign_table_where
TCA condition but is not available as parameter... -
- The sorting by date fails in the Filelist module when more
than 9 files with the same date are found since the numeri... -
- Add a new configuration in Install Tool (['SYS']['clearCacheSystem']).
If set, the toolbar of clearing system cache i... -
11:50 Revision ed5b0d12: [BUGFIX] File Relations don't work with workspaces
- The file repository used to resolve all sys_file_references
handles enable fields manually currently, which is bad be... -
- When calling ResourceFactory::getInstance()
->getFileObjectFromCombinedIdentifier($identifier)
with $identifier === N... -
11:26 Revision 1682401c: [TASK] Improve styling of sys_action "Create Backend User"
- The styling of sys_action "Create Backend User" is outdated
and should be slightly improved to enhance usability of
t... -
- Loading extensions TS, that provide contentRenderingTemplates, like
css_styled_content, using INCLUDE_TYPOSCRIPT was ...
2014-06-10
-
17:44 Revision 3d3b794a: [BUGFIX] IRRE children show no field values with useCombination
- The IRRE option useCombination enables to use bi-directional
relations with IRRE items. This enables you to re-use IR... -
13:55 Revision 382457d2: [BUGFIX] Move TCA for fe_users and fe_groups into TCA/Overrides
- TCA manipulation code must no longer reside in ext_tables.php, but
moved to Configuration/TCA/Overrides/<tablename>.p... -
- Instead of generating and saving the public/private keys for
an RSA enabled login form on rendering the form the keys... -
- A small follow-up renaming the variable of the loop which
has not been renamed after copy and paste.
Resolves: #5870... -
- Fix this by adding the suggestion already present in
the ext_emconf.php also to the composer.json.
Resolves: #58694
... -
- Let the DependencyResolver take the suggest-part of the composer.json
or ext_emconf.php files into account. This solv... -
- Enhance the Package metadata with information about suggested packages.
This information may be loaded from composer....
2014-06-07
-
- We can revert this again as the issue has been resolved
upstream:
https://github.com/sebastianbergmann/phpunit-mock-o... -
- When uploading multiple files in TCEForm the DrapUploader
adds all uploaded files directly to the inline element of t...
2014-06-06
-
- Suddenly build failures occurred on travis which seem
to be related to ReflectionClass::newInstanceWithoutConstructor... -
20:14 Revision ce838380: [BUGFIX] Fix command description
- Due to using array_pop instead of array_shift the last line
of the command description is dropped instead of the firs... -
- Due to using array_pop instead of array_shift the last line
of the command description is dropped instead of the firs... -
11:43 Revision 0f9bd665: [BUGFIX] getIndpEnv('TYPO3_SSL') fails to detect reverseProxyIp
- When running TYPO3 behind a reverse proxy, which also handles SSL,
the setting reverseProxySSL should check if the si... -
- When running TYPO3 behind a reverse proxy, which also handles SSL,
the setting reverseProxySSL should check if the si... -
- Emit postFileCreate and postFileSetContents signals and add
provide the original folder in the postFileMove and the
p...
2014-06-05
-
- The maxitems value for a group field defaults to 1 instead of 100000 so
that it is consistent with the TCA reference ... -
- The current check does not properly consider the override values.
If a override is set, then its value has to be take... -
22:45 Revision 795fa7f5: [BUGFIX] Disabled backend users shown for workspace stage change
- On changing the stage of a workspace version, an accordant
dialog is shown with recipients to be informed about this
... -
- For custom content elements with image these are shown
as thumbs in the list module but not in the page module.
This... -
20:39 Revision 06af78d5: [CLEANUP] Add missing PHP comments in class LogoView
- Change-Id: I13d428c7b8a3964e8c376ad2c8d2a4af8c0059f1
Releases: 6.2
Resolves: #59374
Reviewed-on: https://review.typo3... -
20:09 Revision 2105c6f4: [BUGFIX] Improve the formatting of help of the CommandController
- This aligns the description of the command line options.
Resolves: #59372
Releases: 6.2
Change-Id: I474f8415d3ed62d5... -
19:49 Revision b2114781: [BUGFIX] Illegal string offset 'uid' in TypoScriptFrontendController
- Logoff sets user property to an empty string instead of NULL. This
leads to a PHP Warning in PHP 5.4
Change-Id: Ib0e... -
- Logoff sets user property to an empty string instead of NULL. This
leads to a PHP Warning in PHP 5.4
Change-Id: Ib0e... - 13:44 Revision 66bf424e: [BUGFIX] Warning in SearchController
- $this->sWArr is not defined SearchController.
Fix this to use the correct $this->searchWords variable.
Change-Id: Ib... - 13:44 Revision 49b7ac46: [BUGFIX] Warning in SearchController
- $this->sWArr is not defined SearchController.
Fix this to use the correct $this->searchWords variable.
Change-Id: Ib... -
- Content elements from hidden pages are no longer shown in previews.
Fix this by checking with a strong comparison in... -
- Due to patch https://review.typo3.org/#/c/30305/ the string comparison
on colPos fails and new content elements are a... -
- Due to patch https://review.typo3.org/#/c/30305/ the string comparison
on colPos fails and new content elements are a...
2014-06-04
-
- * Unit tests are allowed for CLI anyway
* Remove allow all in data provider
The latter implicitly caused a global al... -
- * Unit tests are allowed for CLI anyway
* Remove allow all in data provider
The latter implicitly caused a global al... -
- * Allow HTTP_HOST access for all unit tests
* Remove allow all in data provider
The latter implicitly caused a globa... -
- To make it possible for an editor to find the real
location of a used file, the storage and folder are
added to the E... -
- Due to patch https://review.typo3.org/#/c/30305/ the string comparison
on colPos fails and new content elements are a...
2014-06-03
-
- Ensure the DataHandler::log() function does return integers
in all cases as denoted in the doc header.
Resolves: #59... -
- The irre elements of FAL items have an info icon which shows
some details info about the file_reference. But this is ... -
- A wrong formula is used to calculate the pointer
for the pages.
This patch also introduces a central function for
cal... -
23:41 Revision 1355d8b6: [BUGFIX] Old TYPO3 logo still in use in ext:workspaces
- Replace old logo with the new logo.
Resolves: #59321
Releases: 6.2
Change-Id: I1b4386e0ee614096b4033f00d9fe9136d11a6... -
- Ensure the DataHandler::log() function does return integers
in all cases as denoted in the doc header.
Resolves: #59... -
- On creating exports the file hash and size is used from the
sys_file table. Since this could be not up-to-date in rea... -
- A folder to be created could change the name by sanitizing. So
the name of the created folder could differ from the r... -
- This is a regression fix for #55983, which introduced
additional urlencoding for title, class, ...
Remove the encodi... -
- The AJAX url for retrieving a new encryption key contains
two question marks. This causes the request to fail.
Fix t... -
- The AJAX url for retrieving a new encryption key contains
two question marks. This causes the request to fail.
Fix t... -
- RTE feature "userlinks" generates a wrong JS function
name due to the automatic replacement during the
namespace conv... -
- RTE feature "userlinks" generates a wrong JS function
name due to the automatic replacement during the
namespace conv... -
- The AJAX url for retrieving a new encryption key contains
two question marks. This causes the request to fail.
Fix t... -
- RTE feature "userlinks" generates a wrong JS function
name due to the automatic replacement during the
namespace conv... -
16:45 Revision f432417e: [BUGFIX] Canonicalize path before checking existence
- ResourceFactory fails to detect files in symlinked
scenarios, because the path is not canonicalized before
file exist... -
- For select-type fields displayed as two side-by-side selectors
which are registered as "requestUpdate" fields, the fo...
2014-06-02
-
- The setting for maxitems in the TCA of be_users and be_groups for
FAL permissions are wrong.
Fix the value to match t... -
- ObjectAccess->getPropertyPath() does not work with
ObjectStorage and numerical indexes, but it should be
because with...
2014-06-01
-
- The AbstractUserAuthentication::checkAuthentication() method calls
the logoff() method on every failed login attempt....
2014-05-30
-
- TCEforms is not wrapped in a div when dividers2tabs is disabled
and a inline-element form element is present. As a re...
2014-05-29
-
- This is not possible in PHP 5.3.
Resolves: #59203
Releases: 6.2
Change-Id: I108578f7635c50493a3b5d7a7fc81c021805abf8... - 16:38 Revision 34f254ba: [BUGFIX] Flexform element title is cropped to hardcoded length
- The title of a flexform element is cropped to maximum length of 30
characters. Instead it should obey the maximum tit... - 16:34 Revision e5eb4b46: [BUGFIX] Flexform element title is cropped to hardcoded length
- The title of a flexform element is cropped to maximum length of 30
characters. Instead it should obey the maximum tit... -
16:19 Revision 6deca0f7: [BUGFIX] Admin panel text selection
- Fixes: #58485
Releases: 6.2
Change-Id: I9c3243b2cca9edb89d262a4d3f9cde17b906d440
Reviewed-on: https://review.typo3.or... - 16:12 Revision 9ffc7865: [TASK] Use self:: where possible in GeneralUtility
- It's common sense to use self:: where possible because it's quicker and
makes code better understandable.
This chang... -
- When setting up a new TYPO3 installation, TYPO3 should redirect
to the install tool, when accessing the frontend or b... -
- When setting up a new TYPO3 installation, TYPO3 should redirect
to the install tool, when accessing the frontend or b... -
- ext_emconf.php may lack the dependencies array. This will cause
a PHP warning in a foreach loop.
Fix this by checkin... -
- Resolves: #58756
Releases: 6.2
Change-Id: Ide09c7792e9b24afe480230893cac18570ce4f19
Reviewed-on: https://review.typo3...
2014-05-28
-
19:13 Revision 8bdcbc19: [BUGFIX] Correct minor typo in "About TYPO3 CMS"
- This patch corrects a minor typo in module: Web -> About TYPO3 CMS.
It currently reads "TYPO3 CMS is a enterprise-cla... -
14:12 Revision 3e6e8ec8: [BUGFIX] Parent language is not applied to new child records
- If localizing a parent-child structure, usually the language
of the parent element shall be applied to related child ... -
- If localizing a parent-child structure, usually the language
of the parent element shall be applied to related child ... -
- With the cleanup of the backend styles a padding of the
pallete header got missing.
This patch adds this padding jus...
2014-05-26
-
- Due to patch https://review.typo3.org/#/c/30305/ the string comparison
on colPos fails and new content elements are a... -
- Due to patch https://review.typo3.org/#/c/30305/ the string comparison
on colPos fails and new content elements are a...
2014-05-23
-
15:42 Revision 9a47bd20: [BUGFIX] Inserting custom element in RTE throws exception
- Problem: Token validation fails.
Solution: Use BackendUtility::getModuleUrl to ensure validity of token.
Resolves: #... -
- Extbase allows to register alternative implementations for
objects. However that does not work for view helpers using... -
- Extbase allows to register alternative implementations for
objects. However that does not work for view helpers using... -
- Extbase allows to register alternative implementations for
objects. However that does not work for view helpers using... -
- The maximums for today's exports are limited to strict.
It's 10MB for a settable file size included in exports;
raise... -
- lang/4.5/locallang_csh_pages.xlf contains invalid
HTML structure a <p> tag should actually be a <b> tag.
Resolves: #... - 00:18 Revision ef2ec950: [CLEANUP] Code cleanup for LanguageService
- * Avoid unnecessary fully qualified class names
* Add return NULL for consistency if a method only returns a value
... -
- Fix sql error "Column 'public' cannot be null" on saving
with unchecked box public.
Resolves: #57405
Releases: 6.2
C... -
00:12 Revision 38b178bc: [BUGFIX] Set default permissions for new files to 0664
- Change-Id: I4c71414dca763d9ba29ab93b18a0389941f51af7
Resolves: #58809
Releases: 6.2
Reviewed-on: https://review.typo3... -
00:06 Revision 6118ac5f: [BUGFIX] Fix url for youtube embeds
- Additionally solve the problem when http:// is missing
due to usage of the link wizard.
Change-Id: I676d14b4ddf81d5d... -
- The SoftReferenceIndex parses and rebuilds typolink tags, but the
support for more than one value in class attribute ...
2014-05-22
-
- lang/4.5/locallang_csh_pages.xlf contains invalid
HTML structure a <p> tag should actually be a <b> tag.
Resolves: #... -
- lang/4.5/locallang_csh_pages.xlf contains invalid
HTML structure a <p> tag should actually be a <b> tag.
Resolves: #... -
- The TCA tree element fail to load inside IRRE, in some condition
(when the record is not loaded/opened)
Change-Id: I... -
- Since making userHomePath and groupHomePath FAL compatible
the descriptions in DefaultConfiguration don't fit anymore... -
- Fix the usage of relative paths in INCLUDE_TYPOSCRIPT inclusions of
static templates from extensions.
EXT:myext/Conf... -
- PathUtility::getAbsolutePathOfRelativeReferencedFileOrPath()
Add a check to the function to identify a given basepath... -
- The flexform converter in ContentObjectRenderer tries to access
an array element on a non-array.
Check existence wit... -
- The var pageNotFound is set, if the called page has access
restrictions. Afterwards starts a searching for an accessi... -
- The unit tests for the recent HTTP host fix are failing
if executed in CLI mode.
In CLI mode no server environments a... -
- The unit tests for the recent HTTP host fix are failing
if executed in CLI mode.
In CLI mode no server environments a... -
- The unit tests for the recent HTTP host fix are failing
if executed in CLI mode.
In CLI mode no server environments a... -
10:18 Revision ff4db83b: [TASK] Set TYPO3 version to 6.2.4-dev
- Change-Id: Ic42722b40b91e61dfd839241b91b9ff31a322259
Reviewed-on: https://review.typo3.org/30317
Reviewed-by: TYPO3 R... -
- Change-Id: Ib7b6505d59bdec51f537afec80678c11c0ad0b89
Reviewed-on: https://review.typo3.org/30316
Reviewed-by: TYPO3 R... -
- Change-Id: I4f3b6dc5fe3e7e64365b632d6bd2656cd45d1378
Reviewed-on: https://review.typo3.org/30315
Reviewed-by: TYPO3 R... -
- Change-Id: I68884dbd5ac459c84ad18a14e7c7df30701ad72c
Reviewed-on: https://review.typo3.org/30314
Reviewed-by: TYPO3 R... -
- Change-Id: Ib72fe2ce5ab6ffc02623db7cb807980496eec301
Reviewed-on: https://review.typo3.org/30313
Reviewed-by: TYPO3 R... -
- Change-Id: I08089195ded2aa1b150139c7a9d944e38af92887
Reviewed-on: https://review.typo3.org/30312
Reviewed-by: TYPO3 R... -
- Change-Id: I74224483b538dad32994bdc1ae10eb014f3efafd
Reviewed-on: https://review.typo3.org/30311
Reviewed-by: TYPO3 R... -
- Change-Id: I81bf2c94f0c4a8157788d3b3f0acf64eae2ce6c6
Reviewed-on: https://review.typo3.org/30310
Reviewed-by: TYPO3 R... -
- Change-Id: Iffabf254620824d1d0b7a42e239576bd3aa73791
Reviewed-on: https://review.typo3.org/30309
Reviewed-by: TYPO3 R... -
- Change-Id: I296aa228d3d9ffda43cf99a41d3ac36d8b93f439
Reviewed-on: https://review.typo3.org/30308
Reviewed-by: TYPO3 R... -
- TYPO3 uses the values of HTTP_HOST in several
places without validating them. This could
lead to a situation where li... -
- Needs to be fixed also in 6.x, but the affected function is not
used anymore.
Change-Id: If10b0cf25015eada0657aaebc1... -
09:34 Revision 6c6ae4b6: [SECURITY] XSS in new content element wizard
- Sanitize user-input colPos in new content element wizard.
Change-Id: Ifa90ea1ede3b6c2a5436c505993c533803306d01
Fixes... -
- Change-Id: I2b5214e666d1c9edc5354dd3983401038e9aaf66
Fixes: #54109
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... -
- Change-Id: I096d26b3eee20493b146633bda11529890be59dc
Fixes: #57576
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... -
09:33 Revision 5ecbf238: [SECURITY] Encode URL for use in JavaScript
- The url for the Open in New Window button must be quoted for
use in JavaScript to prevent XSS issues.
Change-Id: I3e... -
- Fix the AbstractUserAuthentication class to properly invalidate
the current session if it timed out.
Change-Id: Id50... -
- The file charts.swf is vulnerable to XSS, is delivered
by ExtJS but not used in TYPO3 CMS at all.
Since the vendor o... -
- TYPO3 uses the values of HTTP_HOST in several
places without validating them. This could
lead to a situation where li... -
- Needs to be fixed also in 6.x, but the affected function is not
used anymore.
Change-Id: I434689d4065496330a92e7086e... -
- Sanitize user-input colPos in new content element wizard.
Change-Id: I68ee05a9113b2a0266c0be612b1a10272cb986a2
Fixes... -
- Change-Id: I2958dcc7cecf8ef980d90dae66c6bd2df432ce4b
Fixes: #54109
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... -
- Change-Id: Ie3f08333e417d8d208b3b36b208056efd4dbcec0
Fixes: #57576
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... -
- The url for the Open in New Window button must be quoted for
use in JavaScript to prevent XSS issues.
Change-Id: I84... -
- Change-Id: Id3a692cdccb2d3a9ae46ae635ee5c316fa36e371
Fixes: #56458
Releases: 6.1, 6.0, 4.7, 4.5
Security-Commit: 3981... -
- The file charts.swf is vulnerable to XSS, is delivered
by ExtJS but not used in TYPO3 CMS at all.
Since the vendor o... -
- TYPO3 uses the values of HTTP_HOST in several
places without validating them. This could
lead to a situation where li... -
- Needs to be fixed also in 6.x, but the affected function is not
used anymore.
Change-Id: Ida71054ffeaf963aed1da4674e... -
- Sanitize user-input colPos in new content element wizard.
Change-Id: Ic43566fc93fadf6a1d997ff73bf027468001fb38
Fixes... -
- Change-Id: I3fb1c66314c6ef05d7f243a79c6af12466376078
Fixes: #54109
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... -
- Change-Id: I95af00f6eedd9635e31c375922dc8fc90d930c0e
Fixes: #57576
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... -
- The url for the Open in New Window button must be quoted for
use in JavaScript to prevent XSS issues.
Change-Id: Id4... -
- Change-Id: Id31f4a16308484fd3d9c799f1dbf4473464508ca
Fixes: #56458
Releases: 6.1, 6.0, 4.7, 4.5
Security-Commit: ac30... -
- The file charts.swf is vulnerable to XSS, is delivered
by ExtJS but not used in TYPO3 CMS at all.
Since the vendor o... -
- TYPO3 uses the values of HTTP_HOST in several
places without validating them. This could
lead to a situation where li... -
- Needs to be fixed also in 6.x, but the affected function is not
used anymore.
Change-Id: Ib8d753d707d2ff2b7f8e634311... -
- Sanitize user-input colPos in new content element wizard.
Change-Id: Ieb45500aa10b65c82fd8fff59204eb1503c90a22
Fixes... -
- Change-Id: If78f319f61a3d064a4f25f30c7e8971ba761fde4
Fixes: #54109
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... -
- Change-Id: Iff1e645df4fe3e85e064730acddaf4d29a5e5bce
Fixes: #57576
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... -
- The url for the Open in New Window button must be quoted for
use in JavaScript to prevent XSS issues.
Change-Id: I5b... -
- Change-Id: I78b29a745c23c1b1d5359226a24150aad0dff764
Fixes: #56458
Releases: 6.1, 6.0, 4.7, 4.5
Security-Commit: 0682... -
- The file charts.swf is vulnerable to XSS, is delivered
by ExtJS but not used in TYPO3 CMS at all.
Since the vendor o... -
- TYPO3 uses the values of HTTP_HOST in several
places without validating them. This could
lead to a situation where li... -
- Needs to be fixed also in 6.x, but the affected function is not
used anymore.
Change-Id: Iae077221a4a8ef8f3aacaeb9d6... -
- Sanitize user-input colPos in new content element wizard.
Change-Id: I13ff938e7320c68c8ad3f88b0cb688bc4d43d839
Fixes... -
- Change-Id: I6942457ce27ad22a33efd003ceaa96fa7460c0bf
Fixes: #54109
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... -
- Change-Id: I7e58e32a4d7146c2c341d756816c29f7c01ed31d
Fixes: #57576
Releases: 6.2, 6.1, 6.0, 4.7, 4.5
Security-Commit:... -
- The url for the Open in New Window button must be quoted for
use in JavaScript to prevent XSS issues.
Change-Id: If3... -
- Change-Id: Iee9d2712ae3b489a89604cb7be8c2af27a924fe0
Fixes: #56458
Releases: 6.1, 6.0, 4.7, 4.5
Security-Commit: 36eb... -
- The file charts.swf is vulnerable to XSS, is delivered
by ExtJS but not used in TYPO3 CMS at all.
Since the vendor o...
2014-05-21
-
- The Indexer of indexed_search tries to insert NULL values
into NOT NULL columns of the database.
Since #53662 NULL v... -
- The Indexer of indexed_search tries to insert NULL values
into NOT NULL columns of the database.
Since #53662 NULL v...
Also available in: Atom