Current File : //var/softaculous/cmssimple/changelog.txt
Version 2.2.16 - Truro
-------------------------------
Core - General
- BR #12370 - Admin Log-Download : now downloading the log honors all filters but doesn't process paging
- BR #12437 - Installer won't allow "<" symbol in database password
- BR #12457 - Event Manager empty list when mysql mode only_full_group_by
- BR #12484 - Cannot exit after Run UDT
- BR #12495 - MySQL 8.0.2+ breaks groups without table prefix
- BR #12499 - adminlog.tpl Wrongly formed date
- BR #12500 - NameQuote function does not work properly
- BR #12504 - Function call notification.
- Fixed an issue with specific characters in a content block tab name breaking the editor
- Adjust regex's incompatible with PCRE2
- Avoid deprecated strftime() - deploy new replacement function locale_ftime() and new modifier-plugin localedate_format
- A number of fixes for PHP 8 compatibility
Admin Search v1.0.6
- BR #12443 - Admin Search fails on some searches with default mysql mode only_full_group_by (mysql 5.7.5+).
- Removed license and copyright notices from module help text.
- Escaping the search input field values.
- More content object attributes are searched.
- User Defined Tags can be searched.
- Only places a user has permission to search are shown in the filter list (cached!).
Content Manager v1.1.9
- Fix menu text/title setting.
FileManager v1.6.12
- BR #12435 - Replacing an image file in filepicker doesn't update thumbnail.
FilePicker v1.0.5
- FR #12483 - Additional FilePicker Help for usage as Content Block.
Navigator v1.0.9
- BR #12456 - Navigator breadcrumbs with default page hidden from menu causes PHP notice.
Search v1.53
- Added 'Manage Search' permission;
- BR #12391 - Core search issue page/entry titles that start with numbers;
Phar Installer v1.3.15
- Fixed BR #12437 - Installer won't allow "<" symbol in database password;
- Added Russian lang file to installer;
- use locale_ftime() instead of deprecated strftime();
- escape name of groups table, to prevent reserved-word conflict when table-prefix is empty;
- alterations to the links in final step: we now privilege links to CMSMS channels of contact and support;
Version 2.2.15 - Bonaventure
-------------------------------
Core - General
- BR #12287 - Admin shortcuts popup refers to IRC.
- BR #12292 - showbase parameter of metadata tag doesn't accept boolean value.
- BR #12303 - No date displayed in the admin + category id not incremented.
- BR #12305 - Removing actual Destination Page breaks Destination Page dropdown in Internal Page Link pages.
- BR #12311 - log_performance_info - undefined variable: queries.
- BR #12313 - 5 Stored XSS vulnerabilities in Settings - Content Manager.
- BR #12317 - XSS on Settings News Module.
- BR #12325 - Several XSS vulnerabilities.
- BR #12335 - User pref admin homepage not properly displayed under certain conditions.
- BR #12337 - GetContentBlockFieldInput $adding always false.
- BR #12338 - Allow http/2 responses.
- BR #12357 - Filepicker dropzone size issue.
- FR #12345 - More user friendly admin session handling (partly implemented).
- FR #12349 - Swap tabs on System Maintenance page.
- Browsing to the main admin page in a new browser tab during a running session won't redirect to login form anymore.
- (Error) messages in OneEleven won't dismiss on click.
- Fix to Admin redirection after login on Windows platform.
- Fix to the module API redirection to support arrays in parameters.
FileManager v1.6.12
- Dropzone improvement like core FilePicker.
FilePicker v1.0.5
- BR #11673 - FilePicker will not show svg images, when in the Content Manager.
- BR #12312 - Stored XSS vulnerability in File Picker.
News v2.51.11
- Minor code fix to encoding title content.
- BR #12322 - Stored Cross-Site Scripting. Minor, because it can only be performed by a person that has access rights to the Admin panel.
- BR #12325 - Several XSS vulnerabilities.
Design Manager v1.1.9
- Minor fixes for PHP warnings\notices;
Module Manager v2.1.8
- BR #12291 - Reflected Cross site scripting
- BR #12324 - Stored Cross-Site Scripting. Minor, because it can only be performed by a person that has access rights to the Admin panel.
- Increased the Download Chunk Size field size to 4.
MicroTiny v2.2.5
- BR #12351 - Escaping translation strings in tinymce_config.js.
Search v1.52
- FR #11886 - Include module and modulerecord fields for content pages.
Phar Installer v1.3.13
- Fixes to the reload button: now prevents browser's caching
- BR #11591 - fixed: Phar installer doesn't work with OPCache enabled
Version 2.2.13 - Moosomin
-------------------------------
Core - General
- Explicitly add a function or two to the allowed functions in PHP secure mode.
DesignManger v1.1.7
- Fix a warning in PHP 7.3+
FileManager v1.6.10
- Fix minor XSS vulnerabilities in FileManager.
News v2.51.8
- Fix a security issue in the default action with the idlist param
(This version was also separately released in the forge)
Version 2.2.12 - Osoyoos
-------------------------------
NOTICE: Due to the nature of the security issue fixed in FileManager after upgrading you should change your database password.
Core - General
- Fix warning in cms_html_entity_decode
FileManager v1.6.9.1
- Security fixes for view action.
Version 2.2.11 - Vulcan
-------------------------------
Core - General
- Fix minor bug in copying content objects.
- Minor fix to array indexes when filling params in ContentBase.
- Fix to the {cms_filepicker} plugin.
- Minor fix to the 'my account' form.
- Fix error in cmsms_filepicker.js encountered in LISE.
- PHP 7.3 fix to DataDictionary::RenameColumnSQL.
CMSContentManager v1.1.8
- Fix an issue with copying non-core content objects.
- Minor fixes for php 7.3.
ModuleManager v2.1.7
- Minor exception handling improvements.
- Minor improvement to dependency detection with modules that do not exist in ModuleRepository.
- Minor fixes for php 7.3
News v2.51.6
- Minor improvements for CMSMS v2.3 compatibility.
Phar Installer v1.3.8
- Minor change to use include() instead of include_once()... not sure why.
FilePicker v1.0.4.1
- Fix type error.
Search v1.51.7
- Minor fixes for php 7.3.
Mini Shell