TYPO3 11.1.1
Release Notes
Release Notes for TYPO3 CMS 11.1.1
This document contains information about TYPO3 CMS 11.1.1 which was released on 16.03.2021.
Get TYPO3 11.1.1 nowNews
This release is a combined bug fix and security release.
Find more details in the security bulletins:
- https://typo3.org/security/advisory/typo3-core-sa-2021-001
- https://typo3.org/security/advisory/typo3-core-sa-2021-002
- https://typo3.org/security/advisory/typo3-core-sa-2021-003
- https://typo3.org/security/advisory/typo3-core-sa-2021-004
- https://typo3.org/security/advisory/typo3-core-sa-2021-005
- https://typo3.org/security/advisory/typo3-core-sa-2021-006
- https://typo3.org/security/advisory/typo3-core-sa-2021-007
- https://typo3.org/security/advisory/typo3-core-sa-2021-008
Checksums of TYPO3 11.1.1
SHA256
dd447d818648788537e6caa42010473c0990786b2cc9b390c785930ff08cadb2 typo3_src-11.1.1.tar.gz 2ee446ed37baecd876287a3ca276430c56373641475df2bffb6cdf635d91a7d6 typo3_src-11.1.1.zip
SHA1
669f802901a650f25fd1d385fd7e3d5c2f829aef typo3_src-11.1.1.tar.gz 12abbbffad89b525255f1a765f383db65e179c32 typo3_src-11.1.1.zip
MD5
f1f1b035bf7c5b8ea0a9c7766f747cdf typo3_src-11.1.1.tar.gz 16612cb96054b6d6b26bf3c4627bc620 typo3_src-11.1.1.zip
Upgrading
The usual upgrading procedure applies. No database updates are necessary. It might be required to clear all caches; the "important actions" section in the TYPO3 Install Tool offers the accordant possibility to do so.
Changes
Here is a list of what was fixed since 11.1.0:
- 2021-03-16 67471a2b5b [RELEASE] Release of TYPO3 11.1.1 (thanks to Oliver Hader)
- 2021-03-16 33ddc49a26 [SECURITY] Mitigate XSS in PreviewRenderer for menus (thanks to Oliver Bartsch)
- 2021-03-16 2adc071b7a [SECURITY] XSS in PreviewRenderer with descriptions (thanks to Andreas Fernandez)
- 2021-03-16 71914e5f06 [SECURITY] Avoid storing plain session identifier in $USER->uc (thanks to Oliver Hader)
- 2021-03-16 ba66465e00 [SECURITY] Add cache for error page handling (thanks to Frank Naegler)
- 2021-03-16 11eb857edf [SECURITY] XSS in form creation wizard (thanks to Andreas Fernandez)
- 2021-03-16 d9f2da3376 [SECURITY] Validate allowed values for form element editors (thanks to Ralf Zimmermann)
- 2021-03-16 20f9a7d59d [SECURITY] Mitigate directly accessible file upload in form framework (thanks to Oliver Hader)
- 2021-03-16 d5c16bc178 [SECURITY] Prevent urls starting with // to be used for redirects (thanks to Torben Hansen)
- 2021-03-15 c887afe998 [TASK] Update CKEditor to 4.16.0 (thanks to Georg Ringer)
- 2021-03-15 26a0a53ab2 [TASK] Set TYPO3 version to 11.1.1-dev (thanks to Oliver Hader)