SilverStripe version 3.1.11 stable has been released today, you can get a copy from our downloads section. All users of 3.1.0 and below or 3.1.11-rc1 are strongly advised to upgrade.
What's new in this version
This release includes two major fixes to the CMS and Framework, one being a critical security vulnerability, the other an issue in GridField which affects instances of SilverStripe running on servers with Suhosin enabled.
Details of security issue SS-2015-008 can be found on our security releases page. Sites which use the RestfulServer module, or provides limited CMS access to certain users, may be affected.
This issue has been resolved by adjustment to the behaviour of the SiteTree::canCreate method, some adjustments to SiteConfig, as well as much of the CMS user interface for managing the creation of new pages. In particular if user code overrides the SiteTree::canCreate method, it may be necessary to ensure you read the upgrading notes. Behaviour may change unless any necessary upgrades are not performed.
If you are using composer, upgrading is pretty simple. If you are linking to the 3.1.*-dev branch, you likely already have the update from the main branch, but if not a “composer update” will do the job.
If you are linked to a 3.1.* tag or development branch then update your composer.json as below.
You can create a new web project to try out using our composer web installer
composer create-project silverstripe/installer ./mynewproject 3.1.11