All versions are maintenance releases and contain only bugfixes.
IMPORTANT: These versions contain important fixes of regressions from
the earlier versions released 20 January 2009, but they do not contain
additional security fixes.
ChangeLog:
2009-01-24 Ingmar Schlecht <ingmar@typo3.org>
* Release of TYPO3 4.2.5
2009-01-24 Ingmar Schlecht <ingmar@typo3.org>
* Fixed bug #10205: DB session record is only created when user is authenticated (thanks also to Michael Stucki)
2009-01-20 Steffen Kamper <info@sk-typo3.de>
* Fixed bug #9345: Bug: CSV export includes _CLIPBOARD_ in header row (thanks to Christian Kuhn)
This update contains security fixes and please refer ChangeLog file
for full changes.
1. System extension Install tool (install)
Insecure Randomness
2. Authentication library
Broken Authentication and Session Management
3. System extension Indexed Search Engine (indexed_search)
Cross-Site Scripting, Remote Command Execution
4. System extension ADOdb (adodb)
Cross-Site Scripting
5. Workspace module
Cross-Site Scripting
After update, you will need to create a new encryption key.
(1) Upgrade to the new TYPO3 version.
(2) Clear the configuration cache
(3) Open the install tool and choose menu 1 ("Basic Configuration").
(4) Scroll to the bottom of the page and click on the button
"Generate random key".
(5) Submit the form by clicking on "Update localconf.php".
(6) Clear the configuration and page cache again.
