TYPO3 6.2.3
23 May 2014
TYPO3 version 6.2.3 is now available (security release).
Upgrading to TYPO3 6.2.3
TYPO3 6.2.3 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply TYPO3 updates as new versions are released, or use Installatron's Clone feature to duplicate an existing TYPO3 install to test the 6.2.3 upgrade prior to applying it live. Get started managing your TYPO3 installations with Installatron
What's New in TYPO3 6.2.3
This release is a combined bug fix and security release.
- #30377 [SECURITY] Add trusted HTTP_HOST configuration (Helmut Hummel)
- #54111,#54113 [SECURITY] XSS in (old) extension manager information function (Nicole Cordes)
- #48695 [SECURITY] XSS in new content element wizard (Marcus Krause)
- #54109 [SECURITY] XSS in template tools on root page (Marc Bastian Heinrichs)
- #57576 [SECURITY] XSS in Backend Layout Wizard (Helmut Hummel)
- #48693 [SECURITY] Encode URL for use in JavaScript (Jigal van Hemert)
- #57673 [SECURITY] Session timeout can be circumvented once (Markus Klein)
- #54526 [SECURITY] Remove charts.swf to get rid of XSS vulnerability (Helmut Hummel)
- #58310 [BUGFIX] RTE Remove Format removes too much (Stanislas Rolland)
- #58796 [BUGFIX] indexed_search plugin cannot be translated (Robert Vock)
- #58846 [BUGFIX] Missing check if $row[t3ver_state] is set in IconUtility (Frans Saris)
- #58870 [TASK] Cleanup DataHandler functional tests (Oliver Hader)
- #58854 [TASK] Extend DataHandler IRRE functional tests (Oliver Hader)
- #58868 [TASK] Unify DataHandler test structure (Oliver Hader)
- #58842 [BUGFIX] Wrong system requirements link (Markus Klein)
- #58720 [BUGFIX] Wrong path reference for installToolPassword option (Markus Klein)
- #56796 [BUGFIX] Restore registers before early returns (Jo Hasenau)
- #58688,#57348 [BUGFIX] Don't rely on not found database records impexp (Marc Bastian Heinrichs)
- #58735 [BUGFIX] MM relations are not correctly resolved in Backend view (Oliver Hader)
- #58719 [BUGFIX] Invalid module token in openid wizard (Markus Klein)
- #58758 [BUGFIX] Sprite icons not shown (Frans Saris)
- #58620 [BUGFIX] Category tab not shown for file when filemetadata installed (Frans Saris)
- #57606 [BUGFIX] Remove failing extension installations (Nicole Cordes)
- #58731 [BUGFIX] DataProviderContext uses wrong member field in setter (Tim Schreiner)
- #58676 [TASK] Update to phpunit 4.1 (Christian Kuhn)
- #58369 [SECURITY] Extbase must not cache dynamic parts of queries (Markus Klein)
- #57986 [BUGFIX] Check if storage exists before accessing it (Christian Weiske)
- #58150 [BUGFIX] Use file name in delete confirmation message (Christian Weiske)
- #58600 [BUGFIX] LocalizationUtility methods should be static (Christian Kuhn)