summaryrefslogtreecommitdiffstats
path: root/user_guide_src/source/changelog.rst
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2016-10-28 17:34:05 +0200
committerAndrey Andreev <narf@devilix.net>2016-10-28 17:34:05 +0200
commit67b40a561111a5a65faa245cd4c575e8d945cfb8 (patch)
tree4c9d3c66d666f3a781299e11806a5ff1d11fc3ba /user_guide_src/source/changelog.rst
parentdf34b547c97ba1ce1ddb819495d299cb845a87de (diff)
parent499c6080cd41927df088206155e4055d4da3e58e (diff)
Merge branch '3.1-stable' into develop
Resolved conflicts: system/core/CodeIgniter.php user_guide_src/source/changelog.rst user_guide_src/source/conf.py user_guide_src/source/installation/downloads.rst user_guide_src/source/installation/upgrading.rst user_guide_src/source/libraries/form_validation.rst
Diffstat (limited to 'user_guide_src/source/changelog.rst')
-rw-r--r--user_guide_src/source/changelog.rst36
1 files changed, 31 insertions, 5 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 518569097..618dd604a 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -43,19 +43,43 @@ Release Date: Not Released
- Updated :doc:`HTML Helper <helpers/html_helper>` function :php:func:`meta()` with support for "charset" and "property" properties.
- Changed :doc:`HTML Helper <helpers/html_helper>` function :php:func:`doctype()` default document type to HTML 5.
-Bug fixes for 3.1.0
+Version 3.1.2
+=============
+
+Release Date: Oct 28, 2016
+
+- **Security**
+
+ - Fixed a number of new vulnerabilities in :doc:`Security Library <libraries/security>` method ``xss_clean()``.
+
+- General Changes
+
+ - Allowed PHP 4-style constructors (``Mathching_name::Matching_name()`` methods) to be used as routes, if there's a ``__construct()`` to override them.
+
+Bug fixes for 3.1.2
-------------------
-- Fixed a bug (#4528) - :doc:`Cache Library <libraries/caching>` stored all scalar values as strings with the 'redis' driver.
+- Fixed a regression (#4874) - :doc:`Session Library <libraries/sessions>` didn't take into account ``session.hash_bits_per_character`` when validating session IDs.
+- Fixed a bug (#4871) - :doc:`Query Builder <database/query_builder>` method ``update_batch()`` didn't properly handle identifier escaping.
+- Fixed a bug (#4884) - :doc:`Query Builder <database/query_builder>` didn't properly parse field names ending in 'is' when used inside WHERE and HAVING statements.
+- Fixed a bug where ``CI_Log``, ``CI_Output``, ``CI_Email`` and ``CI_Zip`` didn't handle strings in a byte-safe manner when ``mbstring.func_override`` is enabled.
Version 3.1.1
=============
-Release Date: Not Released
+Release Date: Oct 22, 2016
+
+- **Security**
+
+ - Fixed a flaw in :doc:`Security Library <libraries/security>` method ``entity_decode()`` (used by ``xss_clean()``) that affects HTML 5 entities when using PHP 5.3.
- General Changes
- Added ``E_PARSE`` to the list of error levels detected by the shutdown handler.
+ - Updated :doc:`Inflector Helper <helpers/inflector_helper>` :php:func:`is_countable()` with more words.
+ - Updated :doc:`common function <general/common_functions>` :php:func:`set_status_header()` with new status codes from IETF RFCs
+ `2817 <https://tools.ietf.org/html/rfc2817>`_ (426)
+ and `6585 <https://tools.ietf.org/html/rfc6585>`_ (428, 429, 431, 511).
Bug fixes for 3.1.1
-------------------
@@ -65,7 +89,7 @@ Bug fixes for 3.1.1
- Fixed a bug (#4737) - :doc:`Query Builder <database/query_builder>` didn't add an ``OFFSET`` when ``LIMIT`` is zero or unused.
- Fixed a regression (#4739) - :doc:`Email Library <libraries/email>` doesn't properly separate attachment bodies from headers.
- Fixed a bug (#4754) - :doc:`Unit Testing Library <libraries/unit_testing>` method ``result()`` didn't translate ``res_datatype``.
-- Fixed a bug (#4759) - :doc:`Form Validation <libraries/form_validation>`, :doc:`Trackback <libraries/trackback>` and `XML-RPC <libraries/xmlrpc>` libraries treated URI schemes in a case-sensitive manner.
+- Fixed a bug (#4759) - :doc:`Form Validation <libraries/form_validation>`, :doc:`Trackback <libraries/trackback>` and :doc:`XML-RPC <libraries/xmlrpc>` libraries treated URI schemes in a case-sensitive manner.
- Fixed a bug (#4762) - :doc:`Cache Library <libraries/caching>` 'file' driver method ``get_metadata()`` checked TTL time against ``mtime`` instead of the cache item's creation time.
- Fixed a bug where :doc:`File Uploading Library <libraries/file_uploading>` generated error messages on PHP 7.1.
- Fixed a bug (#4780) - :doc:`compatibility function <general/compatibility_functions>` ``hex2bin()`` didn't reject inputs of type "resource".
@@ -79,6 +103,8 @@ Bug fixes for 3.1.1
- Fixed a bug (#4851) - :doc:`Database Forge <database/forge>` didn't quote schema names passed to its ``create_database()`` method.
- Fixed a bug (#4863) - :doc:`HTML Table Library <libraries/table>` method ``set_caption()`` was missing method chaining support.
- Fixed a bug (#4843) - :doc:`XML-RPC Library <libraries/xmlrpc>` client class didn't set a read/write socket timeout.
+- Fixed a bug (#4865) - uncaught exceptions didn't set the HTTP Response status code to 500 unless ``display_errors`` was turned On.
+- Fixed a bug (#4830) - :doc:`Session Library <libraries/sessions>` didn't take into account the new session INI settings in PHP 7.1.
Version 3.1.0
=============
@@ -88,7 +114,7 @@ Release Date: July 26, 2016
- **Security**
- Fixed an SQL injection in the 'odbc' database driver.
- - Updated :php:func:`set_realpath()` :doc:`Path Helpr <helpers/path_helper>` function to filter-out ``php://`` wrapper inputs.
+ - Updated :php:func:`set_realpath()` :doc:`Path Helper <helpers/path_helper>` function to filter-out ``php://`` wrapper inputs.
- Officially dropped any kind of support for PHP 5.2.x and anything under 5.3.7.
- General Changes