CakePHP 2.10.6 Released
The CakePHP core team is happy to announce the immediate availability of CakePHP 2.10.6. This is a maintenance release for the 2.10 branch that fixes several community reported issues. This release contains a security fix for Controller::postConditions() and we recommend you upgrade quickly if you rely on this function. We’d like to thank ‘ooooooo_q’ for notifying us of this issue through our responsible disclosure process and working with us on a fix.
Bugfixes & New Features
You can expect the following changes in 2.10.6. See the changelog for every commit.
- Improved API documentation.
- Improved web test runner compatibility with new versions of PHPUnit.
- CakeSession now supports a timeout mode that is forwards compatible with CakePHP 3.x. This will help improve session compatibility for applications that are straddling both versions.
- The order option to find() once again supports string expressions.
- CakeRequest::referer(true) correctly handles protocol relative URLs embedded in the path.
- Controller::postConditions() now raises exceptions when characters outside of A-Za-z0-9_- are found in the model or field names.
Contributors to 2.10.6
Thank you to all the contributors that helped make this release happen:
- Koji Tanaka
- Mark Sch
- Mark Story
- Mischa ter Smitten
- Val Bancer
- chinpei215
- db-bogdan
As always, we would like to thank all the contributors that opened issues, created pull requests or updated the documentation.
Download a packaged release on github.