TYPO3 11.1.1

Release Notes

Version 11.1.1

Release Notes for TYPO3 CMS 11.1.1

This document contains information about TYPO3 CMS 11.1.1 which was released on 16.03.2021.

Get TYPO3 11.1.1 now

Checksums of TYPO3 11.1.1

SHA256

dd447d818648788537e6caa42010473c0990786b2cc9b390c785930ff08cadb2 typo3_src-11.1.1.tar.gz
2ee446ed37baecd876287a3ca276430c56373641475df2bffb6cdf635d91a7d6 typo3_src-11.1.1.zip

SHA1

669f802901a650f25fd1d385fd7e3d5c2f829aef typo3_src-11.1.1.tar.gz
12abbbffad89b525255f1a765f383db65e179c32 typo3_src-11.1.1.zip

MD5

f1f1b035bf7c5b8ea0a9c7766f747cdf typo3_src-11.1.1.tar.gz
16612cb96054b6d6b26bf3c4627bc620 typo3_src-11.1.1.zip

Upgrading

The usual upgrading procedure applies. No database updates are necessary. It might be required to clear all caches; the "important actions" section in the TYPO3 Install Tool offers the accordant possibility to do so.

Changes

Here is a list of what was fixed since 11.1.0:

  • 2021-03-16 67471a2b5b [RELEASE] Release of TYPO3 11.1.1 (thanks to Oliver Hader)
  • 2021-03-16 33ddc49a26 [SECURITY] Mitigate XSS in PreviewRenderer for menus (thanks to Oliver Bartsch)
  • 2021-03-16 2adc071b7a [SECURITY] XSS in PreviewRenderer with descriptions (thanks to Andreas Fernandez)
  • 2021-03-16 71914e5f06 [SECURITY] Avoid storing plain session identifier in $USER->uc (thanks to Oliver Hader)
  • 2021-03-16 ba66465e00 [SECURITY] Add cache for error page handling (thanks to Frank Naegler)
  • 2021-03-16 11eb857edf [SECURITY] XSS in form creation wizard (thanks to Andreas Fernandez)
  • 2021-03-16 d9f2da3376 [SECURITY] Validate allowed values for form element editors (thanks to Ralf Zimmermann)
  • 2021-03-16 20f9a7d59d [SECURITY] Mitigate directly accessible file upload in form framework (thanks to Oliver Hader)
  • 2021-03-16 d5c16bc178 [SECURITY] Prevent urls starting with // to be used for redirects (thanks to Torben Hansen)
  • 2021-03-15 c887afe998 [TASK] Update CKEditor to 4.16.0 (thanks to Georg Ringer)
  • 2021-03-15 26a0a53ab2 [TASK] Set TYPO3 version to 11.1.1-dev (thanks to Oliver Hader)