Backdrop CMS v1.16.2 Release Notes

Release Date: 2020-06-17 // almost 4 years ago
  • 🚀 Maintenance release for Backdrop CMS. This update contains security updates and bug fixes only.

    🚀 Previously, if a form submission failed Backdrop's cross-site request forgery protection, the submitted form values would be re-displayed to the user along with a message advising them to copy their previously submitted values and reload the page. Beginning with this release, the form is shown without any values for security reasons, and the user is prompted to press the back button to return to their previously entered values.

    ⚡️ The user-facing translatable string that appears when a form is outdated has also been changed, and translations of it will need to be updated.

    ⚡️ Notes for updating:

    • No changes have been made to the .htaccess, robots.txt, or default settings.php files in this release, so updating customized versions of those files is not necessary.
    • The database update script does not need to be run

    🔄 Changes since 1.16.1

    • 🔒 Security Fix, see BACKDROP-SA-CORE-2020-004
    • ⚡️ Issue #4423: Fix incorrect t() parameter usage in update_mail().
    • Issue #4419: prevent new empty formats if disabled ones exist
    • Issue #4431: Use b.org link for backups help.
    • 📚 Issue #3044: Update cron links to use backdropcms.org documentation.
    • Issue #3734: Fix broken template rescan in views.
    • 📚 Issue #4223: Correct API groups for Field UI documentation.
    • Issue #4146: Minor change to text in contact module.
    • Issue #4281: Enforce password value requirement on reset form.
    • Issue #4434: Optimize color_css_alter() to reduce number of file system checks.
    • 🚚 Issue #4424: Remove unnecessary string concatenations.