SIlverStripe Security Release 3.0.14 / 3.1.13

49 views

Skip to first unread message

Damian Mooyman

unread,

May 28, 2015, 3:40:40 AM5/28/15

to silverstri...@googlegroups.com

SilverStripe 3.1.13 is now available, and all users of 3.1.12 or below are highly advised to upgrade as soon as possible.

This release contains several bugfixes, including several security issues related to hostname injection, as well as an unauthenticated vulnerability in ?flush or ?isDev query parameters.

SilverStripe 3.0.14 is also available and contains the same security fix for ?flush or ?isDev. Users of 3.0.13 are advised to upgrade to this version as soon as possible.

Release notes: http://docs.silverstripe.org/en/changelogs/3.1.13/

Download: http://www.silverstripe.org/software/download/

Kind Regards,

Damian Mooyman

Reply all

Reply to author

Forward

0 new messages