TYPO3 7.6.40 ELTS
This release is a combined bug fix and security release.
18b4ca7daaf80001225807e970780119000cffe8a07bd7da36a2981cd8db91fd typo3_src-7.6.40.tar.gz ba7bdf4cf6a178ea1067f487e9d9e0eed9fd9d2cc5cc7de4dc1193be70d04add typo3_src-7.6.40.zip
f3972601156a0f013e6337d6bafc0fddbaf3abfc typo3_src-7.6.40.tar.gz 0c80beaa85135e16afb8f93065035a8b3141eaf8 typo3_src-7.6.40.zip
9934b6c358011cb022ae986b918fbf99 typo3_src-7.6.40.tar.gz daceea4aa720845b673c469c835ae05a typo3_src-7.6.40.zip
TYPO3 Release Packages (the downloadable tarballs and zip files) as well as Git tags are signed using PGP signatures during the automated release process. Besides that, MD5 and SHA2-256 hashes are being generated for these files. Find more details on verifying signatures and hashes in the infrastructure guide.
Example of verifying integrity of tar.gz package of current release:
wget --content-disposition https://get.typo3.org/7.6.40/tar.gz wget --content-disposition https://get.typo3.org/7.6.40/tar.gz.sig gpg --verify typo3_src-7.6.40.tar.gz.sig typo3_src-7.6.40.tar.gz
The usual upgrading procedure applies. No database updates are necessary. It might be required to clear all caches; the "important actions" section in the TYPO3 Install Tool offers the accordant possibility to do so.
- 2019-12-17 e7abe0c4e8 [RELEASE] Release of TYPO3 7.6.40 (thanks to Andreas Fernandez)
- 2019-12-17 210248b4be [SECURITY] Avoid XSS by correctly encoding typolink results (thanks to Oliver Hader)
- 2019-12-17 1b1cbc3b10 [SECURITY] Prevent SQLi in ext:lowlevel QueryGenerator (thanks to Frank Naegler)
- 2019-12-17 ab2639f75b [TASK] Streamline frontend user password recovery process (thanks to Oliver Hader)
- 2019-12-17 7368f69825 [SECURITY] Avoid directory traversal on archive extraction (thanks to Andreas Fernandez)
- 2019-12-17 749ac0c1a5 [SECURITY] XSS in file list through file extension (thanks to Andreas Fernandez)
- 2019-12-17 b66cdbf28c [SECURITY] Avoid insecure deserialization in QueryGenerator & QueryView (thanks to Frank Naegler)
- 2019-12-16 ab2de5cc12 [SECURITY] Avoid possible insecure deserialization in Extbase (thanks to Oliver Hader)
- 2019-12-09 eb76b620bf [BUGFIX] Prevent encoding of search form (thanks to Andreas Fernandez)