TYPO3 6.2.54 ELTS
Release Notes
This version is not supported anymore.
The TYPO3 CMS community supported from 2014-03-25 until 2017-04-04. Extended security & compatibility support (ELTS) expired on 2021-03-31.
Please consider updating to a newer version.
Release Notes for TYPO3 CMS 6.2.54
This document contains information about TYPO3 CMS 6.2.54 which was released on 17.11.2020.
Get TYPO3 6.2.54 nowNews
This release is a combined bug fix and security release.
Find more details in the security bulletins
- https://typo3.org/security/advisory/typo3-core-sa-2020-009
- https://typo3.org/security/advisory/typo3-core-sa-2020-010
- https://typo3.org/security/advisory/typo3-core-sa-2020-011
With recent security-related changes, the escaping behaviour of ViewHelper arguments in Fluid has changed in a possibly breaking way. In case you encounter issues with this new behavior in a ViewHelper you can't fix, please add the following line into your typo3conf/AdditionalConfiguration.php
for each affected ViewHelper:
$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['fluid']['security']['disableNewEscapingBehavior'][\ACME\Extension\ViewHelpers\MyViewHelper::class] = true;
It is possible to disable the new escaping behavior globally as well, however, this is not recommended. To do so, please add the following line into your typo3conf/AdditionalConfiguration.php
:
$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['fluid']['security']['disableNewEscapingBehavior'] = true;
Checksums of TYPO3 6.2.54
SHA256
57799053f8384f8f97ca19935fc3ec2aa005b8febdbc4b5a6cc03cc8ae1cbc35 typo3_src-6.2.54.tar.gz ef806754b9280c757c5cbbbb1cd5572032d883a030971b4dd657d8e10f4f2321 typo3_src-6.2.54.zip
MD5
9043772afeb33316dbef8e4054244bc8 typo3_src-6.2.54.tar.gz ce1999de83e6569b08a5ffed046e3508 typo3_src-6.2.54.zip
Upgrading
The usual upgrading procedure applies. No database updates are necessary. It might be required to clear all caches; the "important actions" section in the TYPO3 Install Tool offers the accordant possibility to do so.
Changes
- 2020-11-17 445fb4f76 Release version 6.2.54
- 2020-11-17 1004e76e5 [SECURITY] Protect persisted session IDs from being used directly
- 2020-11-17 57a3ba332 [SECURITY] Encode passed arguments in Fluid view helpers
- 2020-11-17 57342bbdb [SECURITY] Address XSS vulnerabilities in Fluid
- 2020-11-12 d0cd03538 [TASK] Support installation via Composer 2
- 2020-11-02 cd4b95b3f [TASK] Update build plans