Über diese Datei
Released Yesterday at 15.12.2019
Additional Information
Version 4.4.9 .1 Security Update
Security
- Block binary/octal/hex/decimal based hostnames from being submitted in forms that could trigger an SSRF.
- Gfycat OEmbed endpoint could create XSS. Also informed Gfycat of issue. - Thanks to René Kroka - https://renekroka.cz for reporting this issue.
- Addition attachment permission checks when downloading attachments.
Version 4.4.9 is a maintenance update to fix critical issues reported since 4.4.8.
Additional Information
Core
- Fixed an issue where duplicate quote/mention/embed notifications could be sent when editing content.
- Fixed an issue where you could submit the form to update your profile information with no date set for your birthday, resulting in your form submission being ignored.
- Fixed an unclear page title when searching for members.
- Fixed a potential issue sending digests when cron is used to run tasks.
Commerce
- Fixed a situation where duplicate display names were allowed when checking out as a guest and the user was not prompted for their display name.
- Fixed Stripe webhooks potentially reporting an error.
- Fixed an issue with generating renewal invoices via the task system.
Gallery
- Fixed a styling issue for widgets not set to show on all devices in some cases on pages.
- Fixed an issue where the sitemap could be stopped being rebuilt.
Was gibt es neues in der Version 1.0.0 Changelog anzeigen
Veröffentlicht
Kein Changelog für diese Datei vorhanden.
Empfohlene Kommentare
Keine Kommentare vorhanden
Erstelle ein Benutzerkonto oder melde dich an, um zu kommentieren
Du musst ein Benutzerkonto haben, um einen Kommentar verfassen zu können
Benutzerkonto erstellen
Neues Benutzerkonto für unsere Community erstellen. Es ist einfach!
Neues Benutzerkonto erstellenAnmelden
Du hast bereits ein Benutzerkonto? Melde dich hier an.
Jetzt anmelden