From c1ed33896e74705fb48039d7ded9da04a50a6de3 Mon Sep 17 00:00:00 2001 From: Tim Otten Date: Wed, 15 Feb 2023 13:54:30 -0800 Subject: [PATCH] Add release-notes/5.58.1.md --- release-notes.md | 10 ++++++++ release-notes/5.58.1.md | 53 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 63 insertions(+) create mode 100644 release-notes/5.58.1.md diff --git a/release-notes.md b/release-notes.md index 72860683d0..84ff07e9d0 100644 --- a/release-notes.md +++ b/release-notes.md @@ -81,6 +81,16 @@ Released March 1, 2023 - **[Credits](release-notes/5.59.0.md#credits)** - **[Feedback](release-notes/5.59.0.md#feedback)** +## CiviCRM 5.58.1 + +Released February 15, 2023 + +- **[Synopsis](release-notes/5.58.1.md#synopsis)** +- **[Security advisories](release-notes/5.58.1.md#security)** +- **[Bugs resolved](release-notes/5.58.1.md#bugs)** +- **[Credits](release-notes/5.58.1.md#credits)** +- **[Feedback](release-notes/5.58.1.md#feedback)** + ## CiviCRM 5.58.0 Released February 1, 2023 diff --git a/release-notes/5.58.1.md b/release-notes/5.58.1.md new file mode 100644 index 0000000000..db065998ce --- /dev/null +++ b/release-notes/5.58.1.md @@ -0,0 +1,53 @@ +# CiviCRM 5.58.1 + +Released February 15, 2023 + +- **[Synopsis](#synopsis)** +- **[Security advisories](#security)** +- **[Bugs resolved](#bugs)** +- **[Credits](#credits)** +- **[Feedback](#feedback)** + +## Synopsis + +| *Does this version...?* | | +| --------------------------------------------------------------- | -------- | +| Change the database schema? | no | +| Alter the API? | no | +| Require attention to configuration options? | no | +| Fix problems installing or upgrading to a previous version? | no | +| Introduce features? | no | +| **Fix bugs?** | **yes** | +| **Fix security vulnerabilities?** | **yes** | + +## Security advisories + +* **[CIVI-SA-2023-04](https://civicrm.org/advisory/civi-sa-2023-04-file-type-restrictions): File Type Restrictions** +* **[CIVI-SA-2023-05](https://civicrm.org/advisory/civi-sa-2023-05-quick-add-xss): Quick Add XSS (WordPress)** +* **[CIVI-SA-2023-06](https://civicrm.org/advisory/civi-sa-2023-06-dompdf-203): Dompdf 2.0.3 RCE** + +## Bugs resolved + +* **_CiviContribute_: PDF invoice renders with incorrect formatting ([dev/core#4080](https://lab.civicrm.org/dev/core/-/issues/4080): [#25547](https://github.com/civicrm/civicrm-core/pull/25547))** +* **_CiviEvent_: Excessive validation of title field ([dev/core#4119](https://lab.civicrm.org/dev/core/-/issues/4119): [#25578](https://github.com/civicrm/civicrm-core/pull/25578))** +* **_CiviReports_: Error "no such field" when displaying to limited-access user ([dev/core#4068](https://lab.civicrm.org/dev/core/-/issues/4068): [#25525](https://github.com/civicrm/civicrm-core/pull/25525))** +* **_Extensions_: During installation, new classes may not initially load ([dev/core#4055](https://lab.civicrm.org/dev/core/-/issues/4055): [#25379](https://github.com/civicrm/civicrm-core/pull/25379))** +* **_Status Check_: Tweak severity of new timezone warning ([#25583](https://github.com/civicrm/civicrm-core/pull/25583/))** +* **_Testing_: Headless tests should initialize timezone ([#25534](https://github.com/civicrm/civicrm-core/pull/25534))** +* **_Tokens_: Tokens like `{contact.email_primary.email}` do not render consistently ([dev/core#4109](https://lab.civicrm.org/dev/core/-/issues/4109): [#25548](https://github.com/civicrm/civicrm-core/pull/25548/))** + +## Credits + +This release was developed by the following authors and reviewers: + +Wikimedia Foundation - Eileen McNaughton; timinaust; Tadpole Collective - Kevin Cristiano; +Megaphone Technology Consulting - Jon Goldberg; Maria; JMA Consulting - Seamus Lee; +Deloitte - Andrea Intilangelo; Dave D; CiviDesk - Yashodha Chaku; CiviCRM - Tim Otten; +CiviCoop - Klaas Eikelboom, Erik Hommel; Circle Interactive - Pradeep Nayak; Bob Silvern; +ben_fairless; Australian Greens - Andrew Cormick-Dockery + +## Feedback + +These release notes are edited by Tim Otten and Andie Hunt. If you'd like to +provide feedback on them, please login to https://chat.civicrm.org/civicrm and +contact `@agh1`. -- 2.25.1