Skip to content

Commit 5870fd1

Browse files
committed
Release 3.17.14+190902
1 parent 32d6a52 commit 5870fd1

File tree

2 files changed

+42
-2
lines changed

2 files changed

+42
-2
lines changed

Diff for: application/config/version.php

+2-2
Original file line numberDiff line numberDiff line change
@@ -12,9 +12,9 @@
1212
*/
1313

1414

15-
$config['versionnumber'] = '3.17.13';
15+
$config['versionnumber'] = '3.17.14';
1616
$config['dbversionnumber'] = 359;
1717
$config['buildnumber'] = '';
1818
$config['updatable'] = true;
19-
$config['assetsversionnumber'] = '30095';
19+
$config['assetsversionnumber'] = '30096';
2020
return $config;

Diff for: docs/release_notes.txt

+40
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,46 @@ Thank you to everyone who helped with this new release!
3434

3535
CHANGE LOG
3636
------------------------------------------------------
37+
Changes from 3.17.13 (build 190824) to 3.17.14 (build 190902) September 2, 2019
38+
-Fixed issue: setting "Show header in answers export PDFs" not taken in account (LouisGac)
39+
-Fixed issue: [security]XSS in admin box buttons - kindly reported by Pavol Michalec & Frederik Koľbík (Carsten Schmitz)
40+
-Fixed issue: [security]XML breakout possible on export - kindly reported by Pavol Michalec & Frederik Koľbík (Carsten Schmitz)
41+
-Fixed issue: [security]X-Frame-Options SAMEORIGIN not set by default - kindly reported by Pavol Michalec & Frederik Koľbík (Carsten Schmitz)
42+
-Fixed issue: [security]User unaware that SSL encryption should be enforced (Carsten Schmitz)
43+
-Fixed issue: [security]Path revelation (Carsten Schmitz)
44+
-Fixed issue: [security]LDAP login non-generic login message - kindly reported by Pavol Michalec & Frederik Koľbík (Carsten Schmitz)
45+
-Fixed issue: [security]LDAP login non-generic login message - kindly reported by Pavol Michalec & Frederik Koľbík (Carsten Schmitz)
46+
-Fixed issue: [security]Equation signs are not masked by default on data export (Carsten Schmitz)
47+
-Fixed issue: [security]Equation signs are not masked by default on data export (Carsten Schmitz)
48+
-Fixed issue: [security]CSRF cookie missing HTTP only parameter- kindly reported by Pavol Michalec & Frederik Koľbík (Carsten Schmitz)
49+
-Fixed issue: [security]Admin user without permissions can still see plugins page - kindly reported by Pavol Michalec & Frederik Koľbík (Carsten Schmitz)
50+
-Fixed issue: [security]Admin user with settings permissions can can run integrity check - kindly reported by Pavol Michalec & Frederik Koľbík (Carsten Schmitz)
51+
-Fixed issue: [security]Admin user with limited permissions can view/update/delete reserved menu entries (Carsten Schmitz)
52+
-Fixed issue: [security]Admin user can mark other user notification as read (Carsten Schmitz)
53+
-Fixed issue: [security] Database backup uses browser cache (Carsten Schmitz)
54+
-Fixed issue: [security] Browser cache used for exports (Carsten Schmitz)
55+
-Fixed issue: [security] #15204: Stored XSS vulnerabilities - Thanks to J. Greil from the SEC Consult Vulnerability Lab (https://www.sec-consult.com) (Denis Chenu)
56+
-Fixed issue: [security] #15204: Reflected XSS vulnerabilities - thanks to J. Greil from the SEC Consult Vulnerability Lab (Denis Chenu)
57+
-Fixed issue: Survey upload self-reflecting XSS (Carsten Schmitz)
58+
-Fixed issue: Sidebar not working on IE11 (lacrioque)
59+
-Fixed issue: Memory issues if too many responses exist for the same token in a non-anonymous survey (Carsten Schmitz)
60+
-Fixed issue: Memory issues if too many responses exist for the same token in a non-anonymous survey (Carsten Schmitz)
61+
-Fixed issue: LsTutorial only working in debug mode (lacrioque)
62+
-Fixed issue: Language not updated on import and overwrite in CPDB (lacrioque)
63+
-Fixed issue: JS error in firstStartTour onShow code (#1315) (Martin Unkel)
64+
-Fixed issue: After survey activation the ExpressionManager cache was not updated (Carsten Schmitz)
65+
-Fixed issue #15212: Survey navigation shows message "Please use the survey navigation buttons...[]" instead of navigating (Carsten Schmitz)
66+
-Fixed issue #15209: 500 error when try to save long administrator name (Denis Chenu)
67+
-Fixed issue #15208: MSSQL error on 2nd page of theme (Denis Chenu)
68+
-Fixed issue #15199: MSSQL : date/time question are not reloaded properly (Denis Chenu)
69+
-Fixed issue #15197: Submitting empty menu entry crashes application ( Application Denial of Service) (lacrioque)
70+
-Fixed issue #15194: Unable to remove page title from PDF generated at "print answers" screen (LouisGac)
71+
-Fixed issue #15192: entering html code inside the answeroptions for List type questions will break/alter the html for editing answers (Patrick Teichmann)
72+
-Fixed issue #15188: Access Label sets list (lacrioque)
73+
-Fixed issue #14863: Extending core theme using the same core theme name (Eddy Lackmann)
74+
-Fixed issue #10168: Commit test! Ignore (Carsten Schmitz)
75+
-New translation: Filipino (Carsten Schmitz)
76+
3777
Changes from 3.17.12 (build 190823) to 3.17.13 (build 190824) August 24, 2019
3878
-Fixed issue #15185: Surveys with less or more then 4-6 digits will not display the sidepanel (Patrick Teichmann)
3979

0 commit comments

Comments
 (0)