TYPO3 8.7.40 ELTS
This document contains information about TYPO3 CMS 8.7.40 which was released on 16.03.2021.Get TYPO3 8.7.40 now
This release is a combined bug fix and security release.
Find more details in the security bulletins
b5b581cf8b9b0303059f3da5b1c939d24b377593f2467a08bd9571da60ca0354 typo3_src-8.7.40.tar.gz df38bf9526cea64b2601371d833bd8b2f0722733d20057f54496688f5303a1fe typo3_src-8.7.40.zip
6782b2f5d819dc726a5fd1158a40e18c32aec66a typo3_src-8.7.40.tar.gz 2e6915a8fbe27a2a061411bfa7eca922f6a4ece2 typo3_src-8.7.40.zip
c03ceb78026c5d5a61cfb20b58f407d6 typo3_src-8.7.40.tar.gz 066295808acbc79e81a59b351bd5f7c3 typo3_src-8.7.40.zip
TYPO3 Release Packages (the downloadable tarballs and zip files) as well as Git tags are signed using PGP signatures during the automated release process. Besides that, MD5 and SHA2-256 hashes are being generated for these files. Find more details on verifying signatures and hashes in the infrastructure guide.
Example of verifying integrity of tar.gz package of current release:
wget --content-disposition https://get.typo3.org/8.7.40/tar.gz wget --content-disposition https://get.typo3.org/8.7.40/tar.gz.sig gpg --verify typo3_src-8.7.40.tar.gz.sig typo3_src-8.7.40.tar.gz
The usual upgrading procedure applies. No database updates are necessary. It might be required to clear all caches; the "important actions" section in the TYPO3 Install Tool offers the accordant possibility to do so.
- 2021-03-16 18cadb5ddd [RELEASE] Release of TYPO3 8.7.40 (thanks to Andreas Fernandez)
- 2021-03-16 508671278a [SECURITY] Mitigate directly accessible file upload in form framework (thanks to Oliver Hader)
- 2021-03-16 3da15b5265 [BUGFIX] Fix serialization of FileReference objects (thanks to Benjamin Franzke)
- 2021-03-16 02e480fbfd [SECURITY] Mitigate XSS in PreviewRenderer for menus (thanks to Oliver Bartsch)
- 2021-03-16 c90682993f [SECURITY] Validate allowed values for form element editors (thanks to Ralf Zimmermann)
- 2021-03-16 81791cb730 [SECURITY] Avoid storing plain session identifier in $USER->uc (thanks to Oliver Hader)
- 2021-03-16 ef254cb10b [SECURITY] Prevent urls starting with // to be used for redirects (thanks to Torben Hansen)
- 2021-03-15 a3592edf13 [BUGFIX] Replace algo26-matthias/idna-convert with native PHP functionality (thanks to Andreas Fernandez)
- 2021-03-15 8acecee705 [BUGFIX] Fix serialization of FileReference objects (thanks to Benjamin Franzke)
- 2021-03-11 c653d3b823 [BUGFIX] Fix CGL in EXT:form's FluidFormRenderer.php (thanks to Andreas Fernandez)
- 2021-01-26 91675d82bd [BUGFIX] Loosen constraint of typo3/cms-composer-installers (thanks to Andreas Fernandez)
- 2021-01-25 a4dceec794 [TASK] Harden client-side SecurityUtility.encodeHtml (thanks to Oliver Hader)
- 2020-12-18 b84bf850e3 [TASK] Set TYPO3 version to 8.7.40-dev (thanks to Andreas Fernandez)