Dotclear

Changeset 3854:f957f195c75d


Ignore:
Timestamp:
09/03/18 10:20:18 (7 years ago)
Author:
franck <carnet.franck.paul@…>
Branch:
2.14
Message:

Update CHANGELOG for the next 2.14.2

File:
1 edited

Legend:

Unmodified
Added
Removed

  • CHANGELOG

    r3807 r3854  
     1Dotclear 2.14.2 - 2018-09-04 
     2=========================================================== 
     3* 🛡 Security: Authenticated cross-site scripting (XSS) was possible due to the .ahtml (or .bhtml, .chtml, …) file extension being allowed in the media manager. Thank's Josiah Pierce for report (CVE-2018-16358) 
     4* 🛡 Security: Unregister phar wrapper in order to avoid PHP Phar extension vulerability 
     5* Fix: Enter key in some input fields were not redirect to the parent form 
     6* Fix: Unable to save modified theme's files in theme editor, when Codemirror is used 
     7* Fix: Back to the original global_filters() template function (will be rewritten in the next 2.15) 
     8 
    19Dotclear 2.14.1 - 2018-08-17 
    210=========================================================== 
Note: See TracChangeset for help on using the changeset viewer.

Sites map