phpBB

Development Wiki

Difference between revisions of "Release Highlights/3.0.14"

From phpBB Development Wiki

(Created page with "This page highlights important changes in phpBB 3.0.14. For a complete list of changes, please refer to [https://tracker.phpbb.com/issues/?filter=13094 this report]. == Secur...")
 
(Security and Hardening)
Line 2: Line 2:
  
 
== Security and Hardening ==
 
== Security and Hardening ==
* Hardening: The HTTP protocol version received via SERVER_PROTOCOL is not verifed to have the expected format. See [https://tracker.phpbb.com/browse/PHPBB3-13765 PHPBB3-13765].
+
* Hardening: The HTTP protocol version received via SERVER_PROTOCOL is now verifed to have the expected format. See [https://tracker.phpbb.com/browse/PHPBB3-13765 PHPBB3-13765].
  
 
== Notable Changes and Bug Fixes ==
 
== Notable Changes and Bug Fixes ==
 
* The path to imagick is now correctly verified as an absolute path instead of a relative path. See [https://tracker.phpbb.com/browse/PHPBB3-13568 PHPBB3-13568].
 
* The path to imagick is now correctly verified as an absolute path instead of a relative path. See [https://tracker.phpbb.com/browse/PHPBB3-13568 PHPBB3-13568].
 
* download/file.php no longer sends a Content-Length header when returning a "304 - Not Modified" response. See [https://tracker.phpbb.com/browse/PHPBB3-13414 PHPBB3-13414].
 
* download/file.php no longer sends a Content-Length header when returning a "304 - Not Modified" response. See [https://tracker.phpbb.com/browse/PHPBB3-13414 PHPBB3-13414].

Revision as of 22:00, 27 April 2015

This page highlights important changes in phpBB 3.0.14. For a complete list of changes, please refer to this report.

Security and Hardening

  • Hardening: The HTTP protocol version received via SERVER_PROTOCOL is now verifed to have the expected format. See PHPBB3-13765.

Notable Changes and Bug Fixes

  • The path to imagick is now correctly verified as an absolute path instead of a relative path. See PHPBB3-13568.
  • download/file.php no longer sends a Content-Length header when returning a "304 - Not Modified" response. See PHPBB3-13414.