Contao (formerly Typolight) version 2.9.1 is available. The maintenance release includes an important front-end cache fix, a front-end preview link fix, and various accessibility fixes. It also fixes an XSS vulnerability in one of the framework functions, so an update is highly recommended.
Changes include:
- Updated TinyMCE to version 3.3.8
- Improved the theme exporter to skip back end templates
- Improved the theme importer to check for existing custom templates
- Added: added a Safari patch for the EditArea plugin
- Added: added a Swedish translation to the TinyMCE typolinks plugin
- Added: added a warning to the login screen if cookies are not allowed
- Fixed: the listing module always showed the primary key column
- Fixed: empty article teaser drop-down menu when only a root page was mounted
- Fixed: the hyperlink element did not handle mailto-links correctly
- Fixed: the table sort script did not handle tag replacements correctly
- Fixed: the version 2.9 database update failed when upgrading from version 2.6
- Fixed: the maximum front end image width was not calculated correctly
- Fixed: custom image gallery templates threw an exception the back end
- Fixed: fixed an XSS vulnerability in the front end
- Fixed: the feed generator did not always use the correct publication date
- Fixed: fixed two style sheet importer issues
- Fixed: the front end preview links did not work with URL rewriting enabled
- Fixed: not all browser languages were checked when looking for a website root
- Fixed: the front end cache only worked with rewritten URLs
- Fixed: recursive duplication of a page created an empty record
- Fixed: the comments form was not displayed if an element was protected
- Fixed: change the link title when nodes are expanded or collapsed
- Fixed: do not add pages with robots=”noindex” to the XML sitemap
- Fixed some minor issues
More info: news, interview, review
Website: http://www.contao.org
