Feature Updates

  • Better mobile support for dashboard (thanks hissy!)
  • Improved performance when running concrete5 on a site that uses multiple languages (thanks mlocati.)

Bug Fixes

  • Fixed Empty Trash removes content NOT in Trash (thanks mlocati)!
  • Fixed Can't move an alias – it moves original page (thanks mlocati!)
  • Fixed http://www.concrete5.org/developers/bugs/5-6-3/unable-to-download-multiple-files-under-some-circumstances/ (Thanks mlocati)!
  • Fixed inability to save date picker date in some circumstances (thanks Remo.)
  • Fixed inability to upload multiple files in file manager (thanks mlocati!)
  • Fixed open_basedir warning error when logging in if open_basedir protection is enabled (thanks NKay)
  • Fixed Rich Text Editor "Simple" mode not translated (thanks Remo).
  • Fallback to GD library if processing with Imagick fails (thanks mlocati).
  • fixed errors that displayed when opening an image that didn’t exist on systems with the Imagick extension installed (thanks mlocati)!
  • Fix toolbar not showing on aliased pages when logged in (thanks francz)
  • Fixed http://www.concrete5.org/developers/bugs/5-6-3/apostrophe-problem-in-page-controls/ (thanks mlocati)
  • Fixed Google Maps block offset when using coordinates (thanks mlocati)

Security Fixes

  • Removed incorrect permission checks on file replace that would only check whether user had access to add files (and not replace the particular file.) (thanks Mnkras)
  • Removed potential email buffer overflow bug in MySQL.
  • Don't show that a page is pending approval unless they can view the toolbar (thanks Mnkras)
  • Removed potential display of broken SQL query when passing arrays as tags to be viewed (note: no SQL injection potential.)
  • Removed XSS vulnerability in Open Flash Chart third party library by removing library.
  • Removed XSS vulnerability in SecurImage helper files by removing unneeded helper HTML files in third party library