8.2.11
Cerb (8.2.11) is a maintenance update released on February 28, 2018. It includes 3 minor features and fixes from community feedback covering the 8.2 update. You can follow these instructions to upgrade.
-
[Platform/Sessions] Fixed an issue that prevented sessions from workers with IPv6 addresses when MySQL was in strict mode. Thanks to Thomas Gross for the report!
-
[Security/Attachments] Fixed a possible self-XSS issue when uploading attachments. [#604]
-
[Security/Clickjacking] Added
APP_SECURITY_FRAMEOPTIONS
toframework.config.php
to control embedding in IFRAMEs and mitigate clickjacking. The options arenone
(no headers/protection) andself
(only allow requests from within Cerb). The default isself
. You can usenone
if you intend to implement the headers yourself (e.g. from the webserver). [#605]