TYPO3 6.2.54 ELTS

Release Notes

Version 6.2.54 ELTS

This version is not supported anymore.

The TYPO3 CMS community supported from 2014-03-25 until 2017-04-04. Please consider updating to a newer version.

Release Notes for TYPO3 CMS 6.2.54

This document contains information about TYPO3 CMS 6.2.54 which was released on 17.11.2020.

Get TYPO3 6.2.54 now

News

This release is a combined bug fix and security release.

Find more details in the security bulletins

With recent security-related changes, the escaping behaviour of ViewHelper arguments in Fluid has changed in a possibly breaking way. In case you encounter issues with this new behavior in a ViewHelper you can't fix, please add the following line into your typo3conf/AdditionalConfiguration.php for each affected ViewHelper:

$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['fluid']['security']['disableNewEscapingBehavior'][\ACME\Extension\ViewHelpers\MyViewHelper::class] = true;

It is possible to disable the new escaping behavior globally as well, however, this is not recommended. To do so, please add the following line into your typo3conf/AdditionalConfiguration.php:

$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['fluid']['security']['disableNewEscapingBehavior'] = true;

Checksums of TYPO3 6.2.54

SHA256

57799053f8384f8f97ca19935fc3ec2aa005b8febdbc4b5a6cc03cc8ae1cbc35 typo3_src-6.2.54.tar.gz
ef806754b9280c757c5cbbbb1cd5572032d883a030971b4dd657d8e10f4f2321 typo3_src-6.2.54.zip

MD5

9043772afeb33316dbef8e4054244bc8 typo3_src-6.2.54.tar.gz
ce1999de83e6569b08a5ffed046e3508 typo3_src-6.2.54.zip

Upgrading

The usual upgrading procedure applies. No database updates are necessary. It might be required to clear all caches; the "important actions" section in the TYPO3 Install Tool offers the accordant possibility to do so.

Changes

  • 2020-11-17 445fb4f76 Release version 6.2.54
  • 2020-11-17 1004e76e5 [SECURITY] Protect persisted session IDs from being used directly
  • 2020-11-17 57a3ba332 [SECURITY] Encode passed arguments in Fluid view helpers
  • 2020-11-17 57342bbdb [SECURITY] Address XSS vulnerabilities in Fluid
  • 2020-11-12 d0cd03538 [TASK] Support installation via Composer 2
  • 2020-11-02 cd4b95b3f [TASK] Update build plans