TYPO3 versions 4.1.4 and 4.0.8 are ready for download. They are maintenance releases of versions 4.0 and 4.1. Both versions contain only bugfixes and one low-severity security fix.
The most notable changes of 4.1.4 were:
- Fixed a low-severity SQL injection in the modfunc2 of indexed_search
- The issue was only exploitable by BE users
- The severity of the issue was limited because addslashes() was already applied to the value - yet not within a quoted string
- For details see the bulletin
- Translated language files were not always loaded
- A couple of issues with HTMLArea have been fixed
- Fixes of "Limit to Language" functionality
- Fixes regarding Inline Relational Record Editing (IRRE):
- IRRE - RTEhtmlarea is not show in child records if parent has no RTE
- IRRE - Combination mode doesn't save new child records correctly
- IRRE - Palettes are not rendered correctly on nesting records using the same table
- Flexforms didn't resolve sheets correctly causing "Cannot use string offset as an array" error message
The only notable changes in 4.0.8 were:
- The above mentioned security fix to indexed_search
- A bugfix to image generation
MD5-Sums:
7006f633d367c4a46f0c5ba0e5df8485 *dummy-4.0.8.tar.gz e371a2babb36e3049024729c02a20d5c *dummy-4.1.4.tar.gz d9a4510de04996f276a25635960e7179 *dummy-4.0.8.zip e84832ce8d8fa9b990e7d7f4c492ec26 *dummy-4.1.4.zip 8c5cb9530c8ecfc2ded061dd3f9f7165 *typo3_src-4.0.8.tar.gz 63df7b77dd778fb55f3fed7a6542e90d *typo3_src-4.1.4.tar.gz a3476bfaffdcdf7532d7e8fd05fd89b6 *typo3_src-4.0.8.zip 8048904085d78bf114036fd3e8140bda *typo3_src-4.1.4.zip 00995794cd18cc541a7d34f98703105b *typo3_src_dummy-4.0.8.zip aa2a059ee393d6cf038170511f1464c0 *typo3_src_dummy-4.1.4.zip