TYPO3 11.5.16

Release Notes

Version 11.5.16

Release Notes for TYPO3 CMS 11.5.16

This document contains information about TYPO3 CMS 11.5.16 which was released on 13.09.2022.

Get TYPO3 11.5.16 now

Checksums of TYPO3 11.5.16


3785d9bb1ebede5b29524aaf82ff0ceadaad9e26522b1306c4390aa18313285c typo3_src-11.5.16.tar.gz
97d0feef196451e8077e9cf6f9d7f5888f954f2699eb482c9c251987f0c2df91 typo3_src-11.5.16.zip


5359a31fee0076bf9dc09236678d09ec478dc16a typo3_src-11.5.16.tar.gz
ce52157a050733bf2fe0e193097ac24cd8257c3f typo3_src-11.5.16.zip


709b46b4388b72a3d7d3c3672f5b2641 typo3_src-11.5.16.tar.gz
7938b3d5b13a53a9429acdba9c56c2d8 typo3_src-11.5.16.zip


The usual upgrading procedure applies. No database updates are necessary. It might be required to clear all caches; the "important actions" section in the TYPO3 Install Tool offers the accordant possibility to do so.


Here is a list of what was fixed since [11.5.15]:

  • 2022-09-13 bb2cf378b6 [RELEASE] Release of TYPO3 11.5.16 (thanks to Oliver Hader)
  • 2022-09-13 ff64855707 [SECURITY] Upgrade to typo3/html-sanitizer v2.0.16 (thanks to Oliver Hader)
  • 2022-09-13 c62e16fac0 [SECURITY] Encode child node variables in f:asset.css view helper (thanks to Oliver Hader)
  • 2022-09-13 546208428c [SECURITY] Mitigate cross-site-scripting in FileDumpController (thanks to Oliver Hader)
  • 2022-09-13 00b52a443b [SECURITY] Respect expiration time of password reset token (thanks to Torben Hansen)
  • 2022-09-13 f0fc9c4cd7 [SECURITY] Mitigate timing discrepancies during user authentication (thanks to Oliver Hader)
  • 2022-09-13 fc51ccbf2b [SECURITY] Mitigate denial-of-service scenarios in page error handler (thanks to Oliver Hader)
  • 2022-09-13 8f788d9406 [TASK] Prevent undefined array key warnings in ext:belog (thanks to Oliver Hader)
  • 2022-09-13 fdef8e79a4 [BUGFIX] Revert modified cache handling in form framework (thanks to Oliver Hader)
  • 2022-09-13 bf351f8012 [TASK] Resolve cgl violations in php files (thanks to Stefan Bürk)
  • 2022-09-12 74b597cb50 [TASK] Use same version of friendsofphp/php-cs-fixer as in v12 (thanks to Oliver Hader)
  • 2022-09-09 91d81bde8a [BUGFIX] Handle undefined tt_content_defValues in NewContentElementController (thanks to Andreas Fernandez)
  • 2022-09-09 4ed3e780a4 [DOCS] Fix rendering of Events in the docu (thanks to linawolf)
  • 2022-09-08 a6c6c0d7e3 [BUGFIX] Trim provided external URL in linkwizard modal (thanks to Georg Ringer)
  • 2022-09-08 13d9833ec4 [BUGFIX] Do not render clipboard errors as notification (thanks to Andreas Fernandez)
  • 2022-09-07 08cc061f58 [TASK] Use current git repository links (thanks to Stephan Großberndt)
  • 2022-09-07 184a8e9c98 [BUGFIX] Use correct data attribute name for doktype select (thanks to Oliver Bartsch)
  • 2022-09-07 21414f5324 [BUGFIX] Check if titleText is available in classesAnchor RTE config (thanks to Andreas Fernandez)
  • 2022-09-06 b1b0005a78 [TASK] Avoid PHP8.2 related deprecation failure in unit test (thanks to Stefan Bürk)
  • 2022-09-06 eb97d4c372 [BUGFIX] List invalid field in FormEngine review (thanks to Andreas Fernandez)
  • 2022-09-05 285ae7d3b0 [BUGFIX] Fix condition in EXT:impexp to check for export view (thanks to Andreas Fernandez)
  • 2022-09-05 c68017aaef [TASK] Update settings snippet: use default values everywhere (thanks to Josef Glatz)
  • 2022-09-02 e501f49d89 [TASK] Temporarly avoid PHPStan composer-max tests fails (thanks to Stefan Bürk)
  • 2022-09-02 85e317d548 [TASK] Avoid unsolveable phpstan error for return-type mismatch (thanks to Stefan Bürk)
  • 2022-09-02 d0f2fc6b0f [BUGFIX] Add missing outer-container classes for foreign selector types (thanks to Nikita Hovratov)
  • 2022-08-30 6130ea33ef [DOCS] Fix links to Events (thanks to Lina Wolf)
  • 2022-08-30 1095aa5b83 [DOCS] Fix section on how to open the dashboard (thanks to linawolf)
  • 2022-08-28 4745dcc6f5 [TASK] Temporarly skip mailer unit test execution with PHP8.1 (thanks to Stefan Bürk)
  • 2022-08-25 35785561b0 [TASK] Set TYPO3 version to 11.5.16-dev (thanks to Oliver Hader)