Package Changelog: typo3
apt-listchanges: Reading changelogs...
apt-listchanges: Changelogs
---------------------------
typo3-src (4.2.18~20110208svn-1) unstable; urgency=low
* debian/typo3-src-4.2.links:
- change link from /usr/share/javascript/prototype/prototype-1.6.0.js to
/usr/share/javascript/prototype/prototype-1.6.js
(fix debian lenny->squeeze upgrade)
-- Juergen Tretthahn Tue, 08 Feb 2011 14:58:45 +0100
typo3-src (4.2.17~20101228svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #16760: RTE transformation removes all span tags on save after
upgrade TYPO3 4.2.16
- Fixed bug #16825: Fatal error in lang.php (thanks to Georg Ringer)
-- Juergen Tretthahn Tue, 28 Dec 2010 12:15:23 +0100
typo3-src (4.2.17~20101216svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Updating version number to 4.2.17-dev after release of 4.2.16
- Release of TYPO3 4.2.16
- Fixed bug #16593: It is possible to bypass
'verifyFilenameAgainstDenyPattern'
- Fixed bug #16362: Directory traversal attack in em_unzip
- Fixed bug #15735: FORM content object is susceptible to XSS (thanks to
Benjamin Mack)
- Fixed bug #16653: SQL injection problem in class.db_list.inc (thanks to
Jigal van Hemert)
- Fixed bug #15737: quoteStrForLike does not properly escape strings in
sql_mode NO_BACKSLASH_ESCAPES
- Fixed bug #16590: t3lib_TSparser::checkIncludeLines() does not check
files to be included (thanks to Fabrizio Branca)
- Fixed bug #14402: XSS in Install tool (thanks to Benjamin Mack)
-- Juergen Tretthahn Thu, 16 Dec 2010 19:09:32 +0100
typo3-src (4.2.15+20101113svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #15456: Changes made by ColorPicker Wizard are not saved
(Thanks to Tobias Hoevelborn)
- Fixed bug #15503: Improve t3lib_userAuth::getCookie()
(Thanks to Michael Bürgi)
-- Juergen Tretthahn Sat, 13 Nov 2010 01:59:38 +0100
typo3-src (4.2.15+20101020svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #1318: 'removeTag' does not remove closing tags
- Fixed bug #12376: typo3temp got filled with thousands of javascript_*
files (Thanks to Georg Ringer)
-- Juergen Tretthahn Wed, 20 Oct 2010 18:14:40 +0200
typo3-src (4.2.15+20101008svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Updating version number to 4.2.16-dev after release of 4.2.15
- Release of TYPO3 4.2.15
- Fixed bug #15898: It is (still) possible to download arbitrary files
through the jumpurl feature (thanks to Helmut Hummel and Marcus Krause)
- Fixed bug #15733: Admin Panel is susceptible to XSS (thanks to Helmut
Hummel)
- Fixed bug #15729: Sysext setup's user simulation is susceptible to XSS
(thanks to Marcus Krause)
- Fixed bug #15728: Extension Manager allows to download arbitrary files
beyond PATH_site or rootpath (thanks to Marcus Krause)
- Fixed bug #15461: RemoveXSS exposes XSS vulnerability for double encoded
characters (thanks to Marcus Krause)
- Fixed bug #13650: Information disclosure in sys_actions (DB mount,
usergroups) (thanks to Georg Ringer)
- Fixed bug #5983: Undefined variable is used in
t3lib_BEfunc::exec_foreign_table_where_query
- Fixed bug #15653: Only show upload comments that are newer than installed
version in update function of EM
- Fixed bug #8260: Update Wizard in install tool force temp-configuration
files and load configuration twice
- Fixed bug #3908: DisplayCond => VERSION:IS:false always returns true
(Thanks to Daniel Poetzinger)
- Cleaned up ChangeLog
- Fixed bug #3819: t3lib_div::getIndpEnv('TYPO3_DOCUMENT_ROOT') delivers
wrong value in Backend
- Updating version number to 4.2.15-dev after release of 4.2.14
- Release of TYPO3 4.2.14
- Fixed bug #15282: It is impossible to set links to files any more with
the link wizard
- Fixed bug #15280: felogin redirect doesn't work anymore after update to
latest releases (4.2x - 4.4.x)
- Fixed bug #15265: InstallTool-login not possible after Update to 4.4.1
due to session_start() in extensions
- Fixed bug #15289: Element-Browser page tree has HSC'ed elements
- Updating version number to 4.2.14-dev after release of 4.2.13
- Release of TYPO3 4.2.13
- Fixed bug #13137: redirect/returnUrl isn't validated in core (thanks to
Georg Ringer and Marcus Krause)
- Fixed bug #12294: Unchecked URL-Redirect parameter in Front-End logon
(thanks to Steffen Kamper and Helmut Hummel)
- Fixed bug #14114: Core mailform is open to spam abuse (thanks to Lars
Houmark)
- Fixed bug #14412: Field value added to foreign_table_where by replacing
Xavier Perseguers)
- Fixed bug #14712: The GET/POST variable mimeType is used to create the
http header content-type without verification (thanks to Rupert Germann)
- Fixed bug #1985: XSS vulnerability in wizard classes
- Fixed bug #14389: phtml is also PHP extension and should be denied
editing / uploading via fileadmin (thanks to Ernesto Baschny)
- Fixed bug #15254: Extension Manager allows to edit arbitrary files if
noEdit flag is not set (thanks to Helmut Hummel)
- Fixed bug #13885: XSS in indexed search BE module (thanks to Benjamin
Mack)
- Fixed bug #12739: XSS in shortcuts (thanks to Francois Suter and Georg
Ringer)
- Fixed bug #13989: Mitigate PHP's RNG vulnerability (thanks to Marcus
Krause and Helmut Hummel)
- Fixed bug #12736: XSS in setup module (thanks to Georg Ringer)
- Fixed bug #12458: Session fixation possibility in new sesion machanism of
the install tool (thanks to Benjamin Mack, Helmut Hummel and Ernesto Baschny)
- Fixed bug #14215: XSS in beuser (thanks to Georg Ringer)
- Fixed bug #13957: XSS in template analyzer (thanks to Georg Ringer)
- Fixed bug #14317: XSS in Extension Manager (thanks to Georg Ringer)
- Fixed bug #13958: XSS in BE Log (thanks to Georg Ringer)
- Fixed bug #13960: XSS in sys_action (thanks to Georg Ringer)
- Fixed bug #13961: XSS in impexp (thanks to Georg Ringer)
- Fixed bug #14850: Information disclosure in t3lib_htmlmail (thanks to
Georg Ringer)
- Fixed bug #14950: XSS in t3editor (thanks to Tobias Liebig)
- Fixed bug #11618: XSS vulnerability in install tool / BE login (thanks to
Georg Ringer)
- Fixed bug #13292: TYPO3 error message reveals path to web root (thanks to
Xavier Perseguers)
- Fixed bug #14978: XSS in file tree (thanks to Georg Ringer)
- Fixed bug #15179: Tree depth retrieval inconsistently limited to 20
levels int3lib_pageSelect
- Fixed bug #8893: eval timesec sets seconds to zero (Thanks to Ralf
Hettinger and Andy Grunwald)
- Updated htmlArea RTE version to 1.7.16
- Fixed bug #14464: htmlArea RTE: Type of block accumulation if the block
is manually selected in Safari
- Fixed bug #5117: typolink: cHash corrupted due to linkVars
-- Juergen Tretthahn Fri, 08 Oct 2010 14:00:59 +0200
typo3-src (4.2.12+20100602svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #13934: Side-effect of substr in t3lib_cs (thanks to Rens
Admiraal)
- Fixed bug #14388: TypoScript templates containing a "$1" become corrupted
- Fixed bug #12923: Javascript error in tmenu_layers.php & gmenu_layers.php
(Thanks to Klaus Goessl)
- Fixed bug #14175: belog not shown / error when actions: error is selected
(thanks to Philipp Thiele)
- Fixed bug #14337: "The install tool is locked" doesn't send no-cache
headers (thanks to Steffen Gebert)
- Fixed bug #5003: prefixRelPath() incorrectly changes links to anchors
(Thanks to Jigal van Hemert)
- Fixed bug #13495: Workspace tiled Preview shows same version of Page
- Fixed bug #12470: PHP-5.3 error: function define_syslog_variables() is
deprecated (Thanks to Rupert Germann)
- Fixed bug #14276: tceforms: Title of a record does not use API call to
limit the character
- Fixed bug #14026: Main module does not load different navFrames in
submodules in dependency of navFrameScriptParam
- Fixed bug #14207: Duplicate submodule URL in JavaScript
- Cleanup: Fixed ChangeLog
- Fixed Changelog
- Fixed bug #14027: Tweak: Add "tiff" to imagefile_ext array
-- Juergen Tretthahn Wed, 02 Jun 2010 03:33:50 +0200
typo3-src (4.2.12+20100412svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #14005: Moving a page with IRRE records misplaces IRRE records
- Fixed bug #13959: Security precaution for extensions which use their own
autoloader. Note: This is the same fix which has been committed to TYPO3 4.3
where it is marked as a security fix. However, versions prior to TYPO3 4.3 do
not ship with an autoloader, so they are not affected by this problem unless an
extension provides its own autoloader.
- Updated htmlArea RTE version to 1.7.15
-- Juergen Tretthahn Mon, 12 Apr 2010 18:19:55 +0200
typo3-src (4.2.12+20100406svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #14003: "Check for extension updates" does not always find
latest version
-- Juergen Tretthahn Tue, 06 Apr 2010 14:15:42 +0200
typo3-src (4.2.12+20100330svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #1436: Meta tag output in indexed search result breaks layout
- Fixed bug #12375: typo3temp got filled with thousands of EXTERNAL_URL*
files
- Fixed bug #11696: External files with Umlauts/special chars in filename
are not indexed
-- Juergen Tretthahn Tue, 30 Mar 2010 13:20:50 +0200
typo3-src (4.2.12+20100326svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Follow-up to #13554: Make the code in line with follow-up to #13739
- Follow-up to #13739: Make the clickmenu work again and also for the case
when "Substitute Mount Point" is not set
-- Juergen Tretthahn Fri, 26 Mar 2010 17:29:56 +0100
typo3-src (4.2.12+20100325svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #13901: GIFBULDER generates same picture twice (in
typo3temp/GB) (thanks to Vladimir Podkovanov)
-- Juergen Tretthahn Thu, 25 Mar 2010 16:38:16 +0100
typo3-src (4.2.12+20100319svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Follow-up to bug #13739: CGL false=>FALSE
- Fixed bug #13739: "Show" clickmenu in page tree does not work for mount
pages
-- Juergen Tretthahn Fri, 19 Mar 2010 11:51:41 +0100
typo3-src (4.2.12+20100316svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Follow-up to #1104: fix 'required' validation for IRRE records
-- Juergen Tretthahn Tue, 16 Mar 2010 11:10:15 +0100
typo3-src (4.2.12+20100315svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #13283: Thumbnail generation broken for PDF files
-- Juergen Tretthahn Mon, 15 Mar 2010 15:56:40 +0100
typo3-src (4.2.12+20100312svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #9218: htmlArea RTE: "Remove format" messes up some inline
formats
-- Juergen Tretthahn Fri, 12 Mar 2010 11:12:24 +0100
typo3-src (4.2.12+20100308svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #1104: Setting file fields in TCA to "required" makes it
impossible to save the record
- Fixed bug #13057: htmlArea RTE sometimes deletes contents
- Fixed bug #13554: Web>View on mount pages via backend (thanks to Georg
Ringer)
-- Juergen Tretthahn Mon, 08 Mar 2010 11:00:09 +0100
typo3-src (4.2.12+20100227svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #8191: IRRE - Storing data crashes somehow with MM tables
- Follow-up to #13470: split() is deprecated, using t3lib_div::trimExplode
instead
- Follow-up to bug #13470: duplicated function getCookie commited by mistake
- Fixed bug #13470: Session/Login not working in IE8 across subdomains
- Fixed bug #13258: Make TYPO3 v4.2 work again with PHP 5.1 (was broke
since the case since 4.2.11)
- Fixed bug #13637: [EM] Upload to TER is broken
- Updating version number to 4.2.13-dev after release of 4.2.12
- Release of TYPO3 4.2.12
- Fixed bug #12630: XSS in filelist module
- Fixed bug #13558: XSS in t3lib_querygenerator
- Fixed bug #12634: XSS in the access module
- Fixed bug #12628: XSS in sysext sys_action
- Fixed bug #11620: XSS vulnerability in task center module
- Fixed bug #11621: XSS vulnerabilities in workspace module
- Fixed bug #13249: XSS in TS Object Browser
- Fixed bug #11617: XSS in template module
- Fixed bug #13042: XSS in index.php
- Fixed bug #13394: Information disclosure in sysext:sys_actions
- Fixed bug #12958: Catchable fatal error in indexed_search
- Fixed bug #13406: thumbs.php: Thumbnails for images with transparent
background look ugly (Thanks to Andreas Wolf and Steffen Ritter)
- Backported changeset 6927 from trunk: Fixed bug #12220
-- Juergen Tretthahn Sat, 27 Feb 2010 16:30:16 +0100
typo3-src (4.2.11+20100203svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Backported changeset 6833 from trunk: Fixed bug #13388
0013388: Missing : in locallangs (DB & File mounts)
- Backported changeset 6787 from trunk: Fixed bug #12553
0012553: Text "A simple table with up to 8 columns." is wrong,
there are really more than 8 cols possible
-- Juergen Tretthahn Wed, 03 Feb 2010 13:56:04 +0100
typo3-src (4.2.11+20100121svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed #11089: Fixing the built-in shopping basket (Thanks to Mathias
Schreiber)
- Backported changeset 6783 from trunk: Fixed bug #13255
- Cleanup: Fixed ChangeLog
- Updating version number to 4.2.12-dev after release of 4.2.11
- Release of TYPO3 4.2.11
- Fixed bug #11968: Sporadic random Backend Logoffs / Add X-UA-Compatible
flag (Thanks to Steffen Gebert)
- Fixed bug #12507: (Un)Install icon points to wrong extension in Opera
(Thanks to Steffen Gebert)
- Updated htmlArea RTE version to 1.7.14
- Updated RTE htmlArea version to 1.7.14
-- Juergen Tretthahn Thu, 21 Jan 2010 13:25:23 +0100
typo3-src (4.2.11~20100105svn-2) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #12341: Image generation broken with PHPs safe_mode activated
and GraphicsMagick (Thanks to Marcus Krause, Helmut Hummel and Bernhard Kraft)
-- Juergen Tretthahn Tue, 05 Jan 2010 15:29:18 +0100
typo3-src (4.2.11~20100105svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #12506: JSMENU does not respect mount point overlays (Thanks to
Joerg Wagner)
-- Juergen Tretthahn Tue, 05 Jan 2010 12:27:17 +0100
typo3-src (4.2.11~20100104svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #5260: Function linkWrapFile() in file class.file_list.inc uses
wrong PATH prefix
- Fixed bug #12505: JSMENU's showActive is broken (Thanks to Joerg Wagner)
- Fixed bug #13064: Deprecated function spliti for PHP5.3
-- Juergen Tretthahn Mon, 04 Jan 2010 12:10:02 +0100
typo3-src (4.2.11~20091214svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #12072: Permanent login checkbox is not shown as expected
- Fixed bug #13021: Mistyping prevents the CSV-export of the _PATH_field in
List-View (thanks to Mathias Gisch)
- Fixed bug #12782: htmlArea RTE: Editing a link title or target with
Firefox 3 sometimes simply unlinks the link
-- Juergen Tretthahn Mon, 14 Dec 2009 12:20:18 +0100
typo3-src (4.2.11~20091201svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #12467: TYPO3 Inline User Manual is broken
-- Package Maintainer Name Tue, 01 Dec 2009 13:15:04 +0100
typo3-src (4.2.11~20091125svn-2) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Follow-up to bugfix #12581: Use FILTER_FLAG_SCHEME_REQUIRED constant
in t3lib_div::isValidUrl()
-- Juergen Tretthahn Wed, 25 Nov 2009 16:13:43 +0100
typo3-src (4.2.11~20091125svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #12581: Pagetree frame shows HTTP 404 error
-- Juergen Tretthahn Wed, 25 Nov 2009 12:19:10 +0100
typo3-src (4.2.11~20091123svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #12500: Object does not support method calls - PHP 5.3
- Fixed bug #12684: htmlArea RTE: Repeated character / backspacing is slow
in Firefox
-- Juergen Tretthahn Mon, 23 Nov 2009 14:50:20 +0100
typo3-src (4.2.11~20091120svn-2) unstable; urgency=low
* new version (import upstream changes)
-- Juergen Tretthahn Fri, 20 Nov 2009 12:04:07 +0100
typo3-src (4.2.11~20091120svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #12677: htmlArea RTE: Incorrect cursor position after
backspace/delete in Firefox
-- Juergen Tretthahn Fri, 20 Nov 2009 11:53:22 +0100
typo3-src (4.2.11~20091118svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
-Fixed bug #11937: Do not show E_DEPRECATED messages on productive systems
-Fixed bug #12622: htmlArea RTE: Incorrect behaviour of last item of list
in gecko browsers
-Updated htmlArea RTE version to 1.7.13
-Fixed bug #11362: htmlArea RTE: Cursor may not be put in list elements
newly created in front of links
-Fixed bug #12421: htmlArea RTE: Paste is erratic in Opera 10 when
server-based cleaning is enabled
-Fixed bug #12597: htmlArea RTE: cursor position is not restored by
undo/redo operations in Opera
-Follow-up to bugfix #12324: Renamed sanitizeBackEndUrl() to
sanitizeLocalUrl() in t3lib_div
-Fixed bug #12324: Page tree will not be shown in the TYPO3 backend
-Fixed bug #12568: htmlArea RTE: Text pasted by Safari is wrapped in span
or font tags
-Fixed bug #12566: htmlArea RTE: Selecting element from status bar does
not work in Safari
-Fixed bug #12115: htmlArea RTE "Create link" button doesn't become
clickable when using keyboard to select text in Safari/Chrome
-Fixed bug #12534: htmlArea RTE: list creation looses text in Safari
-Follow-up to #11847: htmlArea RTE displays empty editing area in Opera 10
-Fixed bug #12481: AllowClipboard Helper Firefox extension does not work
with FF 3.5
-- Juergen Tretthahn Wed, 18 Nov 2009 11:28:55 +0100
typo3-src (4.2.11~20091105svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #11876 and #12342: stripSlashesOnArray creates references where you want copies
(in some PHP versions). Affects usage of _GP (e.g. in the Install Tool and some frontend extensions).
- Fixed bug #9513: t3editor bad line numbering
- Fixed bug #12331: htmlArea RTE plugins may not be loaded for multiple RTEs
- Fixed bug #12371: Warning issued on first load of install tool with open_basedir set
- Fixed bug #9795: Default values have no labels in the multiple select control inside the flexform
-- Juergen Tretthahn Thu, 05 Nov 2009 13:42:09 +0100
typo3-src (4.2.11~20091023svn-1) unstable; urgency=low
* new version (import upstream changes)
-- Juergen Tretthahn Fri, 23 Oct 2009 18:14:52 +0200
typo3-src (4.2.9+20091001svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #11433: touch(): Utime failed in install tool
-- Juergen Tretthahn Thu, 01 Oct 2009 14:50:45 +0200
typo3-src (4.2.8+20090924svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #11224: Special menu directory only renders 1st level if special.value is a mount point
- Fixed bug #11995: Prompt for keyboard input does not get displayed in CLI scripts
- Fixed bug #11986: dynamic update of translation status im EM is broken
- Fixed bug #9270: Editors can´t undelete records in history (thanks to Christian Hernmarck)
- Follow-up to bug #11946: htmlArea RTE: reference was made to context menu item after context menu was closed
- Fixed bug #11915: htmlArea RTE: superfluous span tags in content after server-based cleaning on paste operation
- Fixed bug #11946: htmlArea RTE: table properties editing dialogue windows loose focus after opening in IE8
- Fixed bug #11847: htmlArea RTE displays empty editing area in Opera 10
- Fixed bug #11845: Typo in a CLI error mesage: suue -> sure
- reverted changes from rev 5834
- Fixed bug #11803: sysext opendocs is shy (thanks to Steffen Gebert)
-- Juergen Tretthahn Thu, 24 Sep 2009 12:03:55 +0200
typo3-src (4.2.8+20090827svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #11731: ENABLE_INSTALL_TOOL file check in yellow box does
not check the file age (thanks to Moreno Feltscher)
-- Juergen Tretthahn Thu, 27 Aug 2009 14:30:45 +0200
typo3-src (4.2.8+20090819svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #11716: Install Tool always sets
TYPO3_CONF_VARS[FE][disableNoCacheParameter] upon save
-- Juergen Tretthahn Wed, 19 Aug 2009 19:17:35 +0200
typo3-src (4.2.8+20090818svn-1) unstable; urgency=low
* now really import the changes mentioned in version 4.2.8+20090812svn-1
-- Juergen Tretthahn Tue, 18 Aug 2009 21:09:52 +0200
typo3-src (4.2.8+20090812svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #11513: cache_hash table could not be filled because
information field (ident) was too short (thanks to Ingo Schmitt)
- Follow-up to bug #11513: Shorten one ident field which is known to be
too long (solved the issue on those setups where the DB is not updated)
-- Juergen Tretthahn Wed, 12 Aug 2009 13:27:02 +0200
typo3-src (4.2.8+20090804svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #10769: Wrong encoded email header
-- Juergen Tretthahn Tue, 04 Aug 2009 17:25:44 +0200
typo3-src (4.2.8+20090723svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug: #11006: Tooltip for page path in Page/List module is missing
- Fixed bug #6875: IRRE - Sorting of child records is inverted on moving
parent record to different page
-- Juergen Tretthahn Thu, 23 Jul 2009 12:52:23 +0200
typo3-src (4.2.8+20090714svn-1) unstable; urgency=low
* new version (import upstream changes)
* Includes:
- Fixed bug #11412: Using typolinkLinkAccessRestrictedPages does not take
different domain names into account
- same error message is used twice for different errors
-- Juergen Tretthahn Tue, 14 Jul 2009 16:39:53 +0200
typo3-src (4.2.8+20090704svn-1) unstable; urgency=low
* New upstream release.
* This package was downloaded from the TYPO3_4-2 branch of typo3 svn
repository
* debian/rules:
- remove RELEASE_NOTES.txt and README.txt from dh_installdocs
-- Juergen Tretthahn Sat, 04 Jul 2009 03:22:59 +0200
typo3-src (4.2.6-1) unstable; urgency=high
* New upstream release.
- fixes TYPO3 Security Bulletin TYPO3-SA-2009-002: Information
disclosure and XSS vulnerabilities in TYPO3 (Closes: 514713)
-- Christian Welzel Mon, 10 Feb 2009 12:00:00 +0100
typo3-src (4.2.5-1) unstable; urgency=medium
* New upstream release.
- fixes a serious bug in session handling with not logged in FE-Users.
-- Christian Welzel Mon, 26 Jan 2009 20:00:00 +0100
typo3-src (4.2.4-1) unstable; urgency=high
* New upstream release.
- fixes TYPO3 Security Bulletin TYPO3-SA-2009-001: Multiple vulnerabilities
in TYPO3 Core (Closes: 512608)
* Updated package description.
* Updated copyright file to list the license of two icons.
-- Christian Welzel Thu, 22 Jan 2009 12:00:00 +0100
typo3-src (4.2.3-1) unstable; urgency=high
* New upstream release.
- fixes XSS vulnerability in Typo3 backendmodul "fileadmin" (Closes: 505324)
- fixes XSS vulnerability in Typo3 sysext "felogin" (Closes: 505325)
- fixes the passwords are not changeable bug in the backend (Closes: 505326)
* added dependency on libjs-scriptaculous
-- Christian Welzel Tue, 11 Nov 2008 20:00:00 +0100
typo3-src (4.2.2-1) unstable; urgency=low
* New upstream release.
-- Christian Welzel Wed, 25 Jun 2008 20:00:00 +0100
typo3-src (4.2.1-3) unstable; urgency=low
* Fixed versioned dependency on libjs-prototype
-- Christian Welzel Wed, 25 Jun 2008 20:00:00 +0100
typo3-src (4.2.1-2) unstable; urgency=low
* Moved libjs-prototype from Recommends-field do Depends-field.
-- Christian Welzel Sun, 22 Jun 2008 11:00:00 +0100
typo3-src (4.2.1-1) unstable; urgency=low
* New upstream release.
- Support for php4 has been dropped.
* cleaned typo3.README.Debian and typo3-src-4.2.README.Debian
* some fixes to debian/rules
* Depend on libjs-prototype for prototype.js (Closes: 475282)
* Raised stardards version to 3.8.0
-- Christian Welzel Fri, 20 Jun 2008 22:00:00 +0100
typo3-src (4.1.7-1) unstable; urgency=high
[ Christian Welzel ]
* New upstream release
- fixes TYPO3-20080611-1: Multiple vulnerabilities in TYPO3 Core
(Closes: #485814)
[ Holger Levsen ]
* Change recommends from gs to ghostscript.
* Remove obsolete overrides for linda, which is obsolete itself.
* Fix spelling error in description.
-- Christian Welzel Wed, 11 Jun 2008 15:00:00 +0100
typo3-src (4.1.6-1) unstable; urgency=low
* New upstream release.
* Dependency changed from ttf-bitstream-vera to ttf-dejavu (Closes: 461294)
-- Christian Welzel Sun, 09 Mar 2008 10:00:00 +0100
typo3-src (4.1.5-1) unstable; urgency=medium
* New upstream release (Closes: 454265).
-- Christian Welzel Fri, 14 Dec 2007 20:00:00 +0100
typo3-src (4.1.4-1) unstable; urgency=low
* New upstream release.
- Fixes a low-severity SQL injection in the modfunc2 of indexed_search
* t3lib/fonts/readme.txt is now patched by dpatch.
* nimbus.sfd.gz added to debian diff (perl encoded).
* copying of linda overides slightly changed.
* added watch file.
* unreleased.
-- Christian Welzel Thu, 13 Dec 2007 21:00:00 +0100
typo3-src (4.1.2+debian-1) unstable; urgency=low
* New upstream release.
- Several improvements to avoid security issues by 3rd party extensions.
* Added linda overrides.
* Fixed some whitespaces in t3lib/fonts/readme.txt.
-- Christian Welzel Wed, 18 Jul 2007 14:00:00 +0100
typo3-src (4.1.1+debian-1) unstable; urgency=low
* New upstream release.
- Fixes problem with rtehtmlarea and Mozilla Firefox 2.0.0.3
-- Christian Welzel Wed, 04 Apr 2007 14:00:00 +0100
typo3-src (4.1.0+debian-1) unstable; urgency=low
* New upstream release.
-- Christian Welzel Tue, 20 Mar 2007 09:00:00 +0100
typo3-src (4.0.5+debian-1) unstable; urgency=low
* New upstream release.
- Fixes "TYPO3 Security Bulletin TYPO3-20070221-1: Email header injection"
* Removed t3lib_div-PHP52.dpatch (now integrated by upstream)
* Fixed typo and added note to typo3.README.Debian (Closes: 405577)
-- Christian Welzel Thu, 22 Feb 2007 21:00:00 +0100
typo3-src (4.0.4+debian-2) unstable; urgency=low
* Added t3lib_div-PHP52.dpatch to fix crash of PHP 5.2.0
-- Christian Welzel Fri, 22 Dec 2006 12:00:00 +0100
typo3-src (4.0.4+debian-1) unstable; urgency=high
* New upstream release.
- Fixed security problem in rtehtmlarea extension. (Closes: 403906)
-- Christian Welzel Sat, 20 Dec 2006 23:35:41 +0100
typo3-src (4.0.3+debian-1) unstable; urgency=low
* New upstream release.
* added some comments on memory usage and further help to README.Debian.
(Closes: 403114)
* Changed ownership of /usr/share/typo3/typo3_src-4.0 to root:www-data.
* Dropped depend on imagemagick. Use graphicsmagick (better results).
-- Christian Welzel Sat, 16 Dec 2006 23:05:41 +0100
typo3-src (4.0.2+debian-1) unstable; urgency=low
* Depend on ttf-bitstream-vera for vera.ttf (Closes: 374141)
* Repackaged source.tgz to include source and license of nimbus.ttf.
(Closes: 374137)
* Removed the creation of "latest"-link; typo3-dummy has hardcoded sourcedir.
-- Christian Welzel Mon, 24 Nov 2006 12:37:00 +0200
typo3-src (4.0.2-3) unstable; urgency=low
* Do not depend on gs. This violate the policy. Recommend it.
* Removed suggestion of typo3-site-installer.
* Changed recommendation of mysql-server-4.1 to mysql-server.
* Changed recommendation of graphicsmagick-im-compat | imagemagick to
graphicsmagick | graphicsmagick-imagemagick-compat | imagemagick
-- Christian Welzel Mon, 23 Nov 2006 19:37:00 +0200
typo3-src (4.0.2-2) unstable; urgency=low
* Do not depend on php-mysql. Recommendation is enough.
* moved phpX-cgi to Depends as another alternative (Typo3 and PHP in fcgid)
* added phpX-xcache to Recommends
-- Christian Welzel Mon, 21 Oct 2006 19:37:00 +0200
typo3-src (4.0.2-1) unstable; urgency=low
* New maintainer (Closes: #388766).
* New upstream release (Closes: #341709):
- fixed by upstream: Remote command execution, arbitrary file viewing
[CVE-2006-0327] (Closes: #364351).
- fixed by upstream: Mail forms can be used to send spam (Closes: #364350).
* removed recommendation of eaccelerator (Closes: #377821).
* removed dep on non existing ooo_extract (Closes: #310776).
* added alternative dep on php-cgi (Closes: #311277).
* added alternative dep on php5 (Closes: #366533).
-- Christian Welzel Mon, 18 Sep 2006 12:37:00 +0200
typo3-src (3.7.0-8) unstable; urgency=low
* debian/control: depend on MySQL > 4.0.18 to allow the usage of the
versioning extension
-- Christian Leutloff Wed, 11 May 2005 18:07:56 +0200
typo3-src (3.7.0-7) unstable; urgency=low
* debian/typo3.README.Debian: started new section with common pitfalls
-- Christian Leutloff Mon, 9 May 2005 09:56:37 +0200
typo3-src (3.7.0-7) unstable; urgency=low
* debian/control: modified dependencies according to Michael Stucki
* debian/typo3.README.Debian: mention packages source for eaccelerator
and graphicsmagick
-- Christian Leutloff Fri, 6 May 2005 14:57:06 +0200
typo3-src (3.7.0-6) unstable; urgency=low
* debian/typo3-src-3.7.prerm: can not remove the symlink maintained by this
package
* debian/typo3-src-3.7.postinst: reworked
* debian/typo3-src-3.7.README.Debian: updated to version 3.7
-- Christian Leutloff Wed, 4 May 2005 21:48:04 +0200
typo3-src (3.7.0-5) unstable; urgency=low
* debian/control: added dependency to libapache2-mod-php4 | libapache-mod-php4
(thanks to Thomas Barth)
* typo3.README.Debian: clarified some points
-- Christian Leutloff Wed, 4 May 2005 16:25:52 +0200
typo3-src (3.7.0-4) unstable; urgency=low
* control: added depned on postfix as an alternative to exim
* added TODO file
* typo3.README.Debian: concentrated now all the TYPO3 specific remarks
in this single file and added references in the READMEs of the other
packages
* renamed packages from typo3-db-dummy to typo3-dummy
-- Christian Leutloff Wed, 4 May 2005 07:45:12 +0200
typo3-src (3.7.0-3) unstable; urgency=low
* typo3.README.Debian: more improvements through doing a step by step validation
-- Christian Leutloff Fri, 22 Apr 2005 18:40:27 +0200
typo3-src (3.7.0-2) unstable; urgency=low
* polish package documention in typo3
-- Christian Leutloff Mon, 11 Apr 2005 19:18:00 +0200
typo3-src (3.7.0-1) unstable; urgency=low
* un-do package split because the way choosen was to simple
-- Christian Leutloff Tue, 23 Nov 2004 21:13:46 +0100
typo3-src (3.7.0-0.2) experimental; urgency=low
* Add dependency on libgd2-xpm (>= 2.0.28-2), as mentioned by
renedustmann@maxx2.de in news:typo3.install.debian on 13.08.2004 to be
a working combination.
* add provides typo3-frontend/typo3-backend
-- Christian Leutloff Thu, 4 Nov 2004 10:51:32 +0100
typo3-src (3.7.0-0.1) experimental; urgency=low
* NMU, working towards inclusion into the Debian main archive
* update to new upstream version
* updated to Standards 3.6.1
* packaging reworked: split package in frontend and backend to allow
installation of frontend only servers (as mentioned in the Typo3-Book)
* packaging reworked: Undoing the "Move everything from /usr/share/typo3
to /var/lib/typo3 This solves all problems we had with
symlinks. However, I think it is not really FHS-conform, so I'm still
not happy with that." from 3.5.0-3 to be FHS and Debian conform.
* manage "lastest" symlink in postinst and prerm
* change package priority from extra to optional
-- Christian Leutloff Wed, 3 Nov 2004 19:43:08 +0100
typo3-src (3.5.0-7) experimental; urgency=low
* typo3-site-installer: complete rewrite
* typo3-site-installer: added 2 more options (-a, -g)
* the source of TYPO3 now belongs to root.root (was root.www-data)
* example localconf.php: now using the im_noFramePrepended option
* typo3-site-installer: manpage update
* typo3-base now depends on apache or httpd (provided by apache-ssl, etc.)
-- Michael Stucki Mon, 20 Oct 2003 23:00:24 +0200
typo3-src (3.5.0-6) experimental; urgency=low
* removed dependency for apache and php4 in typo3-base
* typo3-site-installer: one more bugfix in sed command
-- Michael Stucki Tue, 16 Sep 2003 01:07:37 +0200
typo3-src (3.5.0-5) experimental; urgency=low
* typo3-site-installer: Added README.Debian / removed obsolete documentation
* Added a manpage for typo3-site-installer (thanks to Edelhard Becker)
* typo3-site-installer.sh was renamed to typo3-site-installer
* typo3-site-installer: accepts abolute paths now
* typo3-site-installer: compatibility bugfix in sed command
-- Michael Stucki Mon, 16 Jun 2003 18:11:53 +0100
typo3-src (3.5.0-4) experimental; urgency=low
* Fixes in typo3-base preinst script
* typo3-site-installer does no more need to download a dummysite archive
-- Michael Stucki Thu, 5 Jun 2003 17:42:08 +0100
typo3-src (3.5.0-3) experimental; urgency=low
* Added a localconf.php example
* Added a new package "typo3-site-installer" that contains a little install
helper
* Added a new package "typo3-env" which depends on all needed components.
"typo3-base" only recommends them, since you could still run your server
without them. However it's easier to to an 'apt-get install typo3-env'
since apt wouldn't worry about the recommendations else.
* Fix wrong PHP short tags: ' ' Thu, 5 Jun 2003 02:07:28 +0100
typo3-src (3.5.0-2) experimental; urgency=low
* Change ownership of /var/lib/typo3 to www-data (webserver could not write
global extensions before)
* Fix problem with some missing files by adding symlinks in
/var/lib/typo3/ (this is only a workaround, I am not happy with
this solution...)
-- Michael Stucki Wed, 26 Mar 2003 15:40:44 +0100
typo3-src (3.5.0-1) experimental; urgency=low
* New upstream release
* Move /var/cache/typo3 to /var/lib/typo3 (this was wrong, since extensions
are not really cache files...)
-- Michael Stucki Sat, 22 Feb 2003 17:16:24 +0100
typo3-src (3.5b5-5) experimental; urgency=low
* Alter contents of debian/executables
* Update TODO notes
* Move typo3/ext to /var/cache/typo3//ext (keep read-only for now)
* t3lib/config_default.php: Change 'TTFdpi' from 72 to 96
-- Michael Stucki Tue, 11 Feb 2003 13:39:04 +0100
typo3-src (3.5b5-4) experimental; urgency=low
* Update TODO notes
* Move typo3/temp to /var/cache/typo3//temp
* Do some code cleanup in debian/rules
-- Michael Stucki Thu, 6 Feb 2003 19:57:37 +0100
typo3-src (3.5b5-3) experimental; urgency=low
* Fix some dependencies
-- Michael Stucki Thu, 6 Feb 2003 05:39:51 +0100
typo3-src (3.5b5-2) experimental; urgency=low
* Add a note in README.Debian about how to use this package at all
* Fix Lintian complains: Small changes in copyright file
* Add recommendation for php4-cgi (used by some direct_mail scripts)
* Fix Lintian complains: Change ownership of /typo3/temp from root to
www-data; remove write permission for group
* Fix permissions for executable scripts
* Add symlink that points to latest source installation
-- Michael Stucki Sat, 1 Feb 2003 05:14:52 +0100
typo3-src (3.5b5-1) experimental; urgency=low
* Initial Release.
-- Michael Stucki Fri, 31 Jan 2003 12:31:54 +0100