TYPO3 12.4.11

Release Notes

Version 12.4.11

Release Notes for TYPO3 CMS 12.4.11

This document contains information about TYPO3 CMS 12.4.11 which was released on 13.02.2024.

Get TYPO3 12.4.11 now

Checksums of TYPO3 12.4.11


a93bb3e8ceae5f00c77f985438dd948d2a33426ccfd7c2e0e5706325c43533a3 typo3_src-12.4.11.tar.gz
8e0a8eaeed082e273289f3e17318817418c38c295833a12e7f94abb2845830ee typo3_src-12.4.11.zip


9fcecf7b0e72074b060516c22115d57dd29fd5b0 typo3_src-12.4.11.tar.gz
3606bcc9331f2875812ddafd89ccc2ddf8922b63 typo3_src-12.4.11.zip


a4fbb1da81411f350081872fe2ff2dac typo3_src-12.4.11.tar.gz
c514ef9b7aad7c476fa4f36703e686fb typo3_src-12.4.11.zip


The usual upgrading procedure applies. No database updates are necessary. It might be required to clear all caches; the "important actions" section in the TYPO3 Install Tool offers the accordant possibility to do so.


Here is a list of what was fixed since 12.4.10:

  • 2024-02-13 3f83ff31e7 [RELEASE] Release of TYPO3 12.4.11 (thanks to Oliver Hader)
  • 2024-02-13 b47b6ddf5a [SECURITY] Deny directly modifying file abstraction layer entities (thanks to Oliver Hader)
  • 2024-02-13 33f4d279b8 [SECURITY] Prevent arbitrary access to privileged resources via t3:// (thanks to Benjamin Franzke)
  • 2024-02-13 df486372ea [SECURITY] Do not disclose encryptionKey via InstallTool (thanks to Benjamin Franzke)
  • 2024-02-13 cafc5af7fd [SECURITY] Avoid showing password hashes in backend edit forms (thanks to Oliver Hader)
  • 2024-02-13 6cc11761b8 [SECURITY] Prevent RCE via install tool settings (thanks to Benjamin Franzke)
  • 2024-02-13 78fb9287a2 [!!!][SECURITY] Enforce absolute path checks in FAL local driver (thanks to Oliver Hader)
  • 2024-02-13 e72b7c6cfd [BUGFIX] Avoid autocompletion in TCA type password (thanks to Benjamin Franzke)
  • 2024-02-13 6a1832a47b [TASK] Update phpstan/phpstan version (thanks to Stefan Bürk)
  • 2024-02-12 cecb6ae613 [TASK] Update composer/composer to most recent version (thanks to Oliver Hader)
  • 2024-02-12 df0fb93219 [BUGFIX] Fix list view functionality in FileList (thanks to Oliver Bartsch)
  • 2024-02-12 a97cc7367e [DOCS] Document how to replace a linktype (thanks to Sybille Peters)
  • 2024-02-11 70236e534e [BUGFIX] Also fetch outdated extensions in extensionmanager (thanks to Oliver Bartsch)
  • 2024-02-11 7596d9cd25 [BUGFIX] Wrong language labels in StandardContentPreviewRenderer (thanks to Torben Hansen)
  • 2024-02-10 4e0ee131a4 [BUGFIX] Avoid static calls to LogDataTrait::formatLogDetails (thanks to Oliver Hader)
  • 2024-02-10 9d64aed5ae [TASK] Update container image versions (thanks to Stefan Bürk)
  • 2024-02-09 09a8aa2344 [BUGFIX] Mitigate a TypeError in StandardContentPreviewRenderer (thanks to Yann)
  • 2024-02-09 314796a0b4 [BUGFIX] Handle record export and download options individually (thanks to Oliver Bartsch)
  • 2024-02-09 ed7ab690bc [BUGFIX] Properly use file name argument in locallang label (thanks to Oliver Bartsch)
  • 2024-02-09 484796b644 [TASK] Replace former extension packages using self.version (thanks to Thomas Hohn)
  • 2024-02-09 0e26556d1c [BUGFIX] Install Tool: Re-enable modal actions after execution (thanks to Andreas Kienast)
  • 2024-02-09 de2856d0e3 [TASK] Update sortablejs (thanks to Andreas Kienast)
  • 2024-02-09 916bf8fd87 [BUGFIX] Properly resolve GET parameter id (thanks to Benni Mack)
  • 2024-02-08 e02e8ef2ac [TASK] Fix acceptence tests window size with php-webdriver 1.15 (thanks to Benjamin Kott)
  • 2024-02-07 bf7bb9061b [BUGFIX] Undefined array index for TCA without ctrl (thanks to Simon Schaufelberger)
  • 2024-02-07 f99e80b59d [TASK] Add composer dispatcher to runTests.sh (thanks to Stefan Bürk)
  • 2024-02-07 9a6f1227e3 [TASK] Use correct global cache key for gitlab workflows (thanks to Stefan Bürk)
  • 2024-02-07 0dec20ea84 [TASK] Update sass (thanks to Andreas Kienast)
  • 2024-02-06 dfa3a35d40 [BUGFIX] Reverse rootline for PageLayoutResolver calls (thanks to Dimitri König)
  • 2024-02-06 ff1931a747 [TASK] Update doctrine/dbal:^3.8.1 (thanks to Stefan Bürk)
  • 2024-02-06 d58280d266 [BUGFIX] Fix typo in Random::DEFAULT_PASSWORD_LENGTH constant (thanks to Andreas Kienast)
  • 2024-02-05 44cf6313b9 [TASK] Drop unneeded TYPO3 version from package.json (thanks to Andreas Kienast)
  • 2024-02-05 08fb17122d [BUGFIX] Add fake TS setup in admin panel for fluid (thanks to Benni Mack)
  • 2024-02-05 7852f1adff [BUGFIX] Omit click menu on icons in browse mode (thanks to Oliver Bartsch)
  • 2024-02-05 ae40f5a518 [TASK] Add missing MySQL Server versions to runTests.sh (thanks to Stefan Bürk)
  • 2024-02-04 bedbe0df6a [TASK] Update lit packages (thanks to Andreas Kienast)
  • 2024-02-03 f89ac74c01 [TASK] Update locales translation files (thanks to Stefan Bürk)
  • 2024-02-03 f9e891109b [BUGFIX] Ensure extended XliffFileDumper::dump() is compatible (thanks to Stefan Bürk)
  • 2024-02-02 04f20417f2 [TASK] Update codemirror and friends (thanks to Andreas Kienast)
  • 2024-02-02 9a5b9ec410 [DOCS] Remove outdated number from logicalAnd() and logicalOr() PHPdoc (thanks to Albrecht Köhnlein)
  • 2024-02-02 5b18ef1b7b [TASK] Use podman before docker in Build/Scripts/runTests.sh (thanks to Stefan Bürk)
  • 2024-02-01 5d8f78f36b [BUGFIX] Do not force 5 records in list view (thanks to Oliver Bartsch)
  • 2024-02-01 120f3eb621 [TASK] Update testing-framework (thanks to Stefan Bürk)
  • 2024-02-01 3132d3d025 [BUGFIX] Prevent exception in TranslateViewHelper for modules without short description (thanks to Albrecht Köhnlein)
  • 2024-01-31 4971b10094 [TASK] Unblock argument passing in Build/Scripts/runTests.sh (thanks to Stefan Bürk)
  • 2024-01-31 7629b20a75 [BUGFIX] Reset array keys after filtering available languages (thanks to Oliver Bartsch)
  • 2024-01-31 0cb86f3123 [BUGFIX] Change file extension separator in element browser string (thanks to Oliver Bartsch)
  • 2024-01-31 22db97b11d [BUGFIX] Prevent memory leak when fetching a lot of database records (thanks to Sascha Nowak)
  • 2024-01-31 6ea7205403 [DOCS] Remove index page from changelogs (thanks to Chris Müller)
  • 2024-01-30 6dddf1a45e [BUGFIX] Prevent side effects in rst extension scanner tags check (thanks to Oliver Bartsch)
  • 2024-01-30 0f7d58fa8f [BUGFIX] Prevent empty categories in NewContentElementWizard (thanks to Oliver Bartsch)
  • 2024-01-29 c50449f299 [BUGFIX] Indexed Search: Pass freeIndexUid to pageBrowsing ViewHelper (thanks to Andreas Kienast)
  • 2024-01-28 9dcaf06463 [TASK] Improve type annotations for (Lazy)ObjectStorage (thanks to Oliver Klee)
  • 2024-01-28 c5906d7b53 [DOCS] Add link to hooks on "Concepts > Frontend rendering" page (EXT:form) (thanks to Chris Müller)
  • 2024-01-28 fd84049ba3 [BUGFIX] Add missing type in annotation for GU::implodeAttributes (thanks to Oliver Klee)
  • 2024-01-26 d74fb73e3e [TASK] Improve Install Tool UX for first-time users (thanks to Mathias Bolt Lesniak)
  • 2024-01-25 b305873ff2 [BUGFIX] Do not resolve resource paths in EXT:form (thanks to Peter Kraume)
  • 2024-01-25 62563f5b3c [TASK] Update PHPStan and friends (thanks to Stefan Bürk)
  • 2024-01-24 e0c694aa54 [BUGFIX] Add suggestion for EXT:lowlevel to EXT:form (thanks to Oliver Bartsch)
  • 2024-01-24 59c8cd7104 [BUGFIX] Indexed Search: Only write internal log if debugMode is enabled (thanks to Andreas Kienast)
  • 2024-01-23 4cf89797a0 [DOCS] Improve output of *rootPaths examples (thanks to Simon Praetorius)
  • 2024-01-23 63aa695585 [BUGFIX] Fix type annotations in extbase Annotation classes (thanks to Oliver Klee)
  • 2024-01-23 1e340c04a1 [DOCS] Fix BeforeRequestTokenProcessedEvent code example (thanks to Torben Hansen)
  • 2024-01-23 a8bde286ee [TASK] Update to CKEditor5 v41 (thanks to Benjamin Franzke)
  • 2024-01-23 f0bcfbc703 [TASK] Add stored page id to LiveSearch search demand (thanks to Andreas Kienast)
  • 2024-01-22 d356b2d309 [BUGFIX] Typoscript ">" operator removes too much (thanks to Christian Kuhn)
  • 2024-01-22 70b7bc1982 [BUGFIX] Use matching site in extbase BE modules (thanks to Christian Kuhn)
  • 2024-01-22 ad54ae83d0 [DOCS] Fixes PHP syntax in snippet (thanks to Julian Hofmann)
  • 2024-01-22 b894818768 [TASK] Update container image versions (thanks to Stefan Bürk)
  • 2024-01-21 e914e7fbe6 [DOCS] Added note to ext:felogin redirect modes (thanks to Torben Hansen)
  • 2024-01-21 5ec4b642f5 [BUGFIX] Fix page input of recordlist pagination (thanks to Oliver Bartsch)
  • 2024-01-20 0e0a9fac06 [TASK] Ensure unique values in filemounts permissions (thanks to Marcin Sągol)
  • 2024-01-19 566c6d602d [TASK] Sort table and field list in DB Check module by labels (thanks to Marcin Sągol)
  • 2024-01-18 7a9cfb2bb9 [BUGFIX] Restore Controller PHP attribute (thanks to Oliver Bartsch)
  • 2024-01-18 39cf571615 [BUGFIX] Ensure table wizard connected callback has access to textarea (thanks to Benjamin Franzke)
  • 2024-01-18 5c296a4560 [BUGFIX] Prevent type error on static route (thanks to linawolf)
  • 2024-01-16 9fcbdad4a2 [BUGFIX] Use correct check and fallback type for plugin itemGroups resolving (thanks to Oliver Bartsch)
  • 2024-01-16 c73f57ae58 [TASK] Set TYPO3 version to 12.4.11-dev (thanks to Oliver Hader)