2017.08

New legacy release, with support for PHP7*, and for running more seamlessly with eZ Platform.

This release is for use by Community users as well as eZ Platform Enterprise users alike, aiming to simplify the lives of everyone still using legacy, and getting back to having one code base to contribute to as opposed to across forks.

Security

This release contains several security patches and general bug fixes previously exclusively published for eZ Publish Enterprise users during time frame when eZ was not maintaining this community repository. And is thus a strongly recommended upgrade for anyone using other community releases (2014.xx, older dev-master or community forks)!

Starting with this release eZ is now co-maintaining this repository with community, and will apply it's standard security handling for future releases here. Meaning eZ Enterprise subscribers will get access to security micro releases, and a few weeks later those patches will be made available and applied here to all at the same time as the security information is publicly disclosed.

Changes

• For new features in this release, see 2017.08 milestone.
  • BC Note: To avoid usage with older Platform install which does not have these features, this release can only be installed with eZ Platform 1.11 and higher.
• For full change log since 2015.01, see full change log.

_{* NOTE: Like in recent update of eZ Publish Platform 5.4LTS, the support for PHP7 has limitations and caveats you should be aware of: https://doc.ez.no/display/EZP/Considerations+when+running+5.4+on+PHP7 The deprecation errors are however fixed in upcoming 2017.10 release.}

2015.01.3

Fix EZP-24140: Potential vulnerability in eZ Publish password recovery

Use openssl_random_pseudo_bytes() if available, otherwise fall back to mt_rand(). Use microtime() for entropy.

(cherry picked from commit 5908d5ee65fec61ce0e321d586530461a210bf2a)

2014.11.2

Fixes a security issue.

2015.01.2

Fixes an exception when using current master of legacy bridge:

 [Symfony\Component\Debug\Exception\UndefinedMethodException]                          
  Attempted to call method "hasInstance" on class "eZ\Publish\Core\MVC\Legacy\Kernel". 

Cherry picked from c66558d

2015.01.1

Merge pull request #1144 from glye/ezp-23993_security_reporting

Implement EZP-23993: Clarify and document how security issues should be reported

v2015.01.0

Merge pull request #1139 from glye/ezp-23908_expiry_php_race_condition

Fix EZP-23908: expiry.php race condition

v2014.11.1

Fixed an important bug avoiding to correctly import package content (…

…e.g. from ezdemo)

v2014.11.0

v2014.11.0

v2014.07.2

Tagged v2014.07.2

v2014.07.1

v2014.07.1