This release includes SilverStripe 4.1.5, which contains a critical security fix for CVE-2019-5715 (SS-2018-021). See the related blog post for details.

Change Log

Security

  • 2018-07-18 e2af1cf Disabling use of serialise fallback in MultiValueField for new installations (Guy Marriott) - See ss-2018-017
    • 2018-12-18 95505db7d Fix potential SQL vulnerability in non-scalar value hyrdation (Maxime Rainville) - See ss-2018-021

Features and Enhancements

  • 2018-04-18 3561466 Provide default IIS rewriting rules with recipe (Damian Mooyman)
    • 2018-11-27 a8f4f23c6 Add visibility updates to upgrade.yml. (bergice)

Bugfixes

  • 2019-01-31 cda9eef Fix for issue #212 (Joe Madden)
  • 2019-01-29 f918dcd36 Escape wildcard characters when matching database name in databaseExists (Guy Marriott)
  • 2019-01-28 dc9d1b9cc GridFieldPrintButton no longer assumes that children of GridField would implement their own print template (Robbie Averill)
  • 2019-01-25 0797ab7 Fix GraphQL FolderTypeCreator::resolveChildrenConnection on PostgreSQL (#901) (Serge Latyntcev)
  • 2019-01-24 d530bc2fb fix user feedback when jquery could not be loaded (Benedikt Seidl)
  • 2019-01-13 5c3b95ac Multibyte URL routing (Ingo Schommer)
  • 2019-01-11 2cb49ea [Warning] on count() with PHP >= 7.2 (Lukas)
  • 2018-12-12 0491ca03c prevent death on urls with querystrings & anchors (mikeyc7m)
    • 2018-11-27 142f31a Update path to global composer bin in Travis builds (Robbie Averill)
    • 2018-11-27 a7dad10 Updated YML config now references correct commentnotifications template (Massey Isa'ako)
    • 2018-10-28 17604a5 Replace Convert JSON methods with json_* methods, deprecated from SilverStripe 4.4 (Robbie Averill)
    • 2018-08-24 61a63f3 Update plural name of BrokenExternalPageTrackStatus (Raissa North)
    • 2018-08-16 ae9538f SilverStripe debug logs and higher are now routed correctly to syslog (Graylog) (Robbie Averill)
    • 2018-07-14 a0e0bed Use Injector to create PasswordValidators (Daniel Hensby)
    • 2018-06-18 0b69b49 Add proxy configuration for embedded cURL requests (Robbie Averill)
    • 2018-06-17 a6aa171 Replace recipe-cms requirement with CMS module (Robbie Averill)
    • 2018-06-12 73cccf9 Removing syntax error in config file (Guy)
    • 2018-05-29 a6f9595 Correct assertion order and remove default pages from Subsite creation (Robbie Averill)
    • 2018-05-28 d23faff Correct assertion order in CwpStatsReportTest (Robbie Averill)
    • 2018-05-28 34eb6ed Remove "Login Attempts" tab from Member CMS fields (Robbie Averill)
    • 2018-04-20 9e6fa08 revert removal of 'last logged in' column (Dylan Wagstaff)
    • 2018-04-13 478e5dc Fix invalid htaccess (Damian Mooyman)

Was this article helpful?