SilverStripe version 3.1.10 stable has been released today, you can get a copy from our downloads section. All users of 3.1.9 and below are strongly advised to upgrade.
What's new in this version
The major changes included in this release are improvements to encoding within the framework and cms, to ensure that any cross site scripting vulnerabilities are closed.
While these vulnerabilities are not minor issues, they can only be exploited by users with CMS access directly, and users with only trusted CMS users should not be at risk of malicious attack.
For specific details of these issues check our security announcement page. See the changelog for information on other fixes and changes.
Upgrading
If you are using composer, upgrading is pretty simple. If you are linking to the 3.1.*-dev branch, you likely already have the update from the main branch, but if not a “composer update” will do the job.
If you are linked to a 3.1.* tag or development branch then update your composer.json as below.
"require": {
"silverstripe/cms": "3.1.10",
"silverstripe/framework": "3.1.10"
}
You can create a new web project to try out using our composer web installer
composer create-project silverstripe/installer ./mynewproject 3.1.10
Please note any issues you discover on our Github issue tracker for framework, cms, or the installer.
Post your comment
Comments
SilverStripe is my preferred CMS since the very beginning.
Posted by Jan, 20/02/2015 1:32am (9 years ago)
No one has commented on this page yet.
RSS feed for comments on this page | RSS feed for all comments