Release Notes/1.1.9.1: Difference between revisions
From Davical
Jump to navigationJump to search
(Release notes for version 1.1.9.1) |
(No difference)
|
Latest revision as of 02:45, 4 December 2019
Template:ReleasedTemplate:TOCright
This release fixes several important security issues and should be installed by all installations. It also includes miscellaneous other changes received during 2019.
This version includes a correction to version 1.1.9 to add a function that had gone missing from htdocs/always.php
Prerequisites for Upgrade
Upgrades of Other Software
- AWL 0.60 is recommended for use with this version (as with version 1.1.8)
Changes
Bug Fixes
- Corrects reflected cross-site scripting (XSS) vulnerability
- Corrects persistent XSS vulnerability in user/group/resource details
- Corrects persistent XSS vulnerability in user/group/resource list
- Adds token to address cross-site request forgery (CSRF) vulnerability
- Corrects syntax error in name of collection_id
- Make calquery aware of default timezone
- Corrections to range-based calendar queries
- Add missing 'break' to rrule.php
Other Changes
- Updated PHP version requirement
Downloading DAViCal
DAViCal 1.1.9.1: https://www.davical.org/downloads/davical_1.1.9.1.orig.tar.xz
AWL 0.60: https://www.davical.org/downloads/awl_0.60.orig.tar.xz
See Downloading
Known Issues
Subsequently Fixed in Git
- None
Outstanding
- None known.