From 9c9fdd0cf113a6c53f13c0a1ee35c2c051e1bc5c Mon Sep 17 00:00:00 2001 From: totten Date: Wed, 20 Nov 2019 19:59:12 +0000 Subject: [PATCH] Update 5.19.2.md --- release-notes/5.19.2.md | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/release-notes/5.19.2.md b/release-notes/5.19.2.md index 1c0f91fa7d..2766086b25 100644 --- a/release-notes/5.19.2.md +++ b/release-notes/5.19.2.md @@ -3,6 +3,7 @@ Released November 20, 2019 - **[Security advisories](#security)** +- **[Bugs resolved](#bugs)** - **[Credits](#credits)** ## Synopsis @@ -11,7 +12,7 @@ Released November 20, 2019 |:--------------------------------------------------------------- |:-------:| | **Fix security vulnerabilities?** | **yes** | | Change the database schema? | no | -| Alter the API? | no | +| Alter the API? | **yes** | | Require attention to configuration options? | no | | Fix problems installing or upgrading to a previous version? | no | | Introduce features? | no | @@ -19,19 +20,19 @@ Released November 20, 2019 ## Security advisories -- **[CIVI-SA-2019-19](https://civicrm.org/advisory/civi-sa-2019-19-sqli-in-dedupefind)**: SQLI in dedupefind -- **[CIVI-SA-2019-20](https://civicrm.org/advisory/civi-sa-2019-20-privilege-escalation-via-leaked-key)**: Privilege Escalation via Leaked Key -- **[CIVI-SA-2019-21](https://civicrm.org/advisory/civi-sa-2019-21-poi-saved-search-and-report-instance-apis)**: POI via Saved Search and Report Instance APIs -- **[CIVI-SA-2019-22](https://civicrm.org/advisory/civi-sa-2019-22-xss-in-dashboard-titles)**: XSS in Dashboard Titles +- **[CIVI-SA-2019-19](https://civicrm.org/advisory/civi-sa-2019-19-sqli-in-dedupefind)**: SQLI in "dedupefind" +- **[CIVI-SA-2019-20](https://civicrm.org/advisory/civi-sa-2019-20-privilege-escalation-via-leaked-key)**: Privilege escalation via leaked key +- **[CIVI-SA-2019-21](https://civicrm.org/advisory/civi-sa-2019-21-poi-saved-search-and-report-instance-apis)**: POI via "Saved Search" and "Report Instance" APIs +- **[CIVI-SA-2019-22](https://civicrm.org/advisory/civi-sa-2019-22-xss-in-dashboard-titles)**: XSS in dashboard titles - **[CIVI-SA-2019-23](https://civicrm.org/advisory/civi-sa-2019-23-incorrect-storage-encoding-for-apiv4)**: Incorrect storage encoding for APIv4 -- **[CIVIEXT-SA-2019-02](https://civicrm.org/advisory/civiext-sa-2019-02-xss-in-civicase-v5-extension)**: XSS in CiviCase v5 Extension. +- **[CIVIEXT-SA-2019-02](https://civicrm.org/advisory/civiext-sa-2019-02-xss-in-civicase-v5-extension)**: XSS in CiviCase v5 extension -## Bugs Resolved +## Bugs resolved -- **([dev/core#1406](https://lab.civicrm.org/dev/core/issues/1406)) Report - Fix Filtering my Member shince in Member Summary Report: (bacport [15894](https://github.com/civicrm/civicrm-core/pull/15894))** -- **([dev/core#1391](https://lab.civicrm.org/dev/core/issues/1391)) Contribution Search - Fix issue where the cancel date was not being loaded which meant that cancelled contributions were not being greyed out: (backport [15893](https://github.com/civicrm/civicrm-core/pull/15893))** -- **([dev/core#1374](https://lab.civicrm.org/dev/core/issues/1374)) Contribution Search - Fix issue where after editing or clicking on the next link on a pager the form values would be lost when running the query and all contributions would be returned (backport [15896](https://github.com/civicrm/civicrm-core/pull/15896))** -- **([dev/core#1409](https://lab.civicrm.org/dev/core/issues/1409)) Additional Payment Form - Remove net amount field as causing problems when entering a refund as net amount wasn't being validated properly and should only be calculated. (backport [15889](https://github.com/civicrm/civicrm-core/pull/15889))** +- **_Member Summary Report_ - Fix filtering by "Member Since" ([dev/core#1406](https://lab.civicrm.org/dev/core/issues/1406): [15894](https://github.com/civicrm/civicrm-core/pull/15894))** +- **_Contribution Search_ - Fix issue with displaying cancellation date ([dev/core#1391](https://lab.civicrm.org/dev/core/issues/1391): [15893](https://github.com/civicrm/civicrm-core/pull/15893))** +- **_Contribution Search_ - Fix issue where search criteria were applied inconsistently ([dev/core#1374](https://lab.civicrm.org/dev/core/issues/1374): [15896](https://github.com/civicrm/civicrm-core/pull/15896))** +- **_Additional Payment Form, Payment API_ - Calculate "Net Amount" automatically. Remove error-prone field from UI. ([dev/core#1409](https://lab.civicrm.org/dev/core/issues/1409): [15889](https://github.com/civicrm/civicrm-core/pull/15889))** ## Credits @@ -40,5 +41,5 @@ various stages of reporting, analysis, development, review, and testing: Alan Dixon of Blackfly Solutions; Coleman Watts of CiviCRM; Daniel Compton of Armadillo Sec Ltd; Eileen McNaughton of Wikimedia Foundation; Kevin Cristiano of -Tadpole Collective; Patrick Figel of Greenpeace CEE; Seamus Lee of Australian -Greens; Tim Otten of CiviCRM; Mark Burdett of Electronic Frontier Foundation; +Tadpole Collective; Mark Burdett of Electronic Frontier Foundation; Patrick Figel +of Greenpeace CEE; Seamus Lee of Australian Greens; Tim Otten of CiviCRM -- 2.25.1