This is a maintenance release to resolve the following issues:
-
Permission matrix can show incorrect permissions when using the Member > Group permission tool.
-
Using Authorize.Net Payment Gateway may result in an error.
-
A logged in member without a valid timezone set will trigger exceptions any time another members age is checked.
-
Where the upgrader can result in a fatal error due to an invalid class stored for a Pages record comment.
-
An upgrade error where reports are loaded for Pages databases that no longer exist.
-
Orphaned comments trigger an exception when search index is rebuilding.
-
An exception can occur continued upgrades: DateTime::setTimestamp() expects parameter 1 to be long, object given.
-
Recursion can occur if the core_log table doesn't exist yet (as happens during auto upgrade).
-
An issue where importing a theme can break CSS.
-
MySQL strict mode upgrade to 4.1.12 can fail.
-
Installing a new plugin via the ACP can fail.
As part of our ongoing internal security audit, this release also improves security in the following areas:
-
Possible XSS in the "hovercard" system.
-
Further hardening to the insecure file upload code.
Źródło: https://invisionpower.com/release-notes/41121-r43/
czw, 01 wrzesień 2016