All page names need to be in English.
en da  de  fr  it  ja  km  nl  ru  zh

TYPO3 CMS 4.7.19

From TYPO3Wiki
Jump to: navigation, search

<< Back to Administrators page


Release Notes for TYPO3 CMS 4.7.19

This document contains information about TYPO3 CMS 4.7.19 which was released on May 22nd, 2014.


This release is a combined bug fix and security release.


Due to security issues found in the TYPO3 CMS Core, there was a combined release of TYPO3 CMS 4.5.34, 4.7.19, 6.0.14, 6.1.9 and 6.2.3.
Find more details in the security bulletin:


MD5 checksums

20accfeacd51a4cf543be4dbadc462ef  blankpackage-4.7.19.tar.gz
5f40f88f0827f3a4d09cd032cd5ecc56  dummy-4.7.19.tar.gz
279400cfb3c1c5c5ff7f7eb9a83ebad0  typo3_src-4.7.19.tar.gz


The usual upgrading procedure applies. No database updates are necessary.


Here is a list of what was fixed since 4.7.18:

2014-05-22  4ebc6ca                  [RELEASE] Release of TYPO3 4.7.19 (TYPO3 Release Team)
2014-05-22  07eba3e  #30377          [SECURITY] Add trusted HTTP_HOST configuration (Helmut Hummel)
2014-05-22  ec33beb  #54111,#54113   [SECURITY] XSS in (old) extension manager information function (Marc Bastian Heinrichs)
2014-05-22  fb096e3  #48695          [SECURITY] XSS in new content element wizard (Markus Klein)
2014-05-22  1389da5  #54109          [SECURITY] XSS in template tools on root page (Marc Bastian Heinrichs)
2014-05-22  65fc32f  #57576          [SECURITY] XSS in Backend Layout Wizard (Nicole Cordes)
2014-05-22  7bec5c8  #48693          [SECURITY] Encode URL for use in JavaScript (Markus Klein)
2014-05-22  b907b64  #56458          [SECURITY] Fix insecure unserialize in colorpicker (Helmut Hummel)
2014-05-22  c39bca9  #54526          [SECURITY] Remove charts.swf to get rid of XSS vulnerability (Helmut Hummel)
2014-04-16  53b74d7                  [TASK] Set TYPO3 version to 4.7.19-dev (TYPO3 Release Team)

Past Release Notes

If you have skipped one or more versions while upgrading to this version, please make sure to read the ReleaseNotes of these versions as well.