We're pleased to announce SilverStripe 2.4.2, our second update to the 2.4 codebase. This is now our recommended version of SilverStripe CMS to use on production websites.
As always, we'd like to thank members of our community for helping out with this release, by contributing patches, filing bugs, and generally sticking around to help others - you guys rock!
This release solves a number of potential security vulnerabilities:
- Draft pages were visible to unauthenticated users on specifically crafted URLs.
- An content author with access to the "Security" section in the CMS could potentially take over an administrator account.
These are now fixed in 2.4.2, along with several dozen minor bug fixes.You can review a list of the 100+ changes in our changelog.
Improved Windows Support
SilverStripe 2.4.2 offers increased confidence over past versions for running our software on Windows OS when using SQL Server as the database. Previously, you had to run SilverStripe on Linux for all unit tests to pass. As a result of fixing bugs and unit tests, all SilverStripe unit tests now pass when running on Windows. The work includes fixing full-text search for the SQL Server database module, fixing windows file path issues along with numerous other bug fixes for the Windows platform done in 2.4.0 and 2.4.1.
Other minor improvements
- Allows Apache to provide better error pages
- Improved unit testing reports
- Fixed the installer logic for SQLite database