All page names need to be in English.
en da  de  fr  it  ja  km  nl  ru  zh

TYPO3 4.7.4

From TYPO3Wiki
Jump to: navigation, search

<< Back to Administrators page


Release Notes for TYPO3 4.7.4

This document contains information about TYPO3 version 4.7.4 which was released on August 15th 2012.


This release is a combined bug fix and security release.


Due to security issues found in the TYPO3 Core, there was a combined release of TYPO3 4.5.19, 4.6.12 and 4.7.4.
Find more details in the security bulletin:


MD5 checksums

a6b868a6c56e5583900595f59cbb3f75  blankpackage-4.7.4.tar.gz
f4b2107e3542ef27ccdedd176449d699  dummy-4.7.4.tar.gz
a8a11cb7c6f08635c3dbd26e9763e2ee  governmentpackage-4.7.4.tar.gz
f0fd18dcbeebb09d1a8c24821171c34c  introductionpackage-4.7.4.tar.gz
809d837eedf2594c52a27e85d93cc9ae  typo3_src-4.7.4.tar.gz


The usual upgrading procedure applies. No database updates are necessary.


Here is a list of what was fixed since 4.7.3:

2012-08-15  ccf6b0a                  [RELEASE] Release of TYPO3 4.7.4 (TYPO3 Release Team)
2012-08-15  14d5d72  #21634          [SECURITY] XSS in install tool (Mario Rimann)
2012-08-15  a1c3165  #32653          [SECURITY] Page Link Target vulnerable to XSS (Markus Bucher)
2012-08-15  8cf7db7  #25052          [SECURITY] XSS in validateForm (Markus Bucher)
2012-08-15  59e028a  #25356          [SECURITY] XSS in TCE forms (Christian Kuhn)
2012-08-15  758c217  #30967          [SECURITY] XSS in Scheduler Example Task (Mario Rimann)
2012-08-15  44e8ae6  #37127          [SECURITY] HTML5 support in RemoveXSS (Franz G. Jahn)
2012-08-15  7c778d3  #39345          [SECURITY] Information Disclosure in the Configuration Module (Mario Rimann)
2012-08-15  044ae9a  #33520          [SECURITY] Untrusted GP data is unserialized in old CSH handling (Marcus Krause)
2012-08-15  0bcecd8  #31927          [SECURITY] XSS in Indexed Search statistics (Steffen Gebert)
2012-08-15  774537c  #23226Security  [SECURITY] t3lib_div::quoteJSvalue allows XSS (Helmut Hummel)
2012-08-15  a9383b1                  [TASK] Raise submodule pointer (TYPO3 Release Team)
2012-08-15  7edbd63                  [TASK] Update version numbers to 4.7.4 (Steffen Ritter)
2012-08-08  c5e24ad                  [TASK] Set TYPO3 version to 4.7.4-dev (TYPO3 Release Team)
2012-08-08  136f73b                  [RELEASE] Release of TYPO3 4.7.3 (TYPO3 Release Team)

Past Release Notes

If you have skipped one or more versions while upgrading to this version, please make sure to read the ReleaseNotes of these versions as well.