####################################
# v1.7.8.11 - (2023-12-13)
####################################
- Core:
- Improvement:
- #34820: Update prestashop modules for 1.7.8.11 (by @tleon)
- Bug fix:
- GHSA-XGPM-Q3MQ-46RQ: Some attribute not escaped in Validate::isCleanHTML method (by @matthieu-rolland)
- Tests:
- Refactoring:
- #33988: Functional tests - Fix random error in 'FO > Quick view product' (by @nesrineabdmouleh)
####################################
# v1.7.8.10 - (2023-07-19)
####################################
- Core:
- Improvement:
- GHSA-xw2r-f8xv-c8xp add missing html attributes (by @matthieu-rolland)
- Bug fix:
- #33028: Bump to mysql 8 in CI (by @lartist)
- Back Office:
- Improvement:
- GHSA-gf46-prm4-56pc protect from writing files on server through SQL form (by @matthieu-rolland)
- Tests:
- Improvement:
- #32893: Nightly : 1.7.8.x - Move to Github Actions (by @Progi1984)
- Bug fix:
- #33013: Nightly : Fixed mocha loader (1.7.8.x) (by @Progi1984)
- #32896: Fix github action runs on 1.7.8.x (by @boubkerbribri)
- Refactoring:
- #33231: Nightly : 1.7.8.x - Skip test for the issue 32914 (by @Progi1984)
- #32995: Functional tests - Fix random errors in the nightly 1.7.8.x (by @nesrineabdmouleh)
####################################
####################################
# v1.7.8.9 - (2023-04-25)
####################################
- Back Office:
- Improvement:
- #32140: Fix CVE 2023-25170 on 1.7.8.x (by @mflasquin)
- #32105: Release/manual verifications 1789 (by @mflasquin)
- Bug fix:
- #GHSA-8r4m-5p6p-52rp Fix arbitrary file ready through sql manager (found by truff@projet7.org / Sébastien Cantos)
- Core:
- Improvement:
- #GHSA-fh7r-996q-gvcp: Possible XSS injection through Validate::isCleanHTML method (by @ matthieu-rolland)
- #GHSA-p379-cxqh-q822 Fix executeS method making sure it does selection only (found by truff@projet7.org / Sébastien Cantos)
- Tests:
- Improvement:
- #32144: Nightly : Migrate from nightly.prestashop.com to nightly.prestashop-project.org (by @Progi1984)
####################################
# v1.7.8.8 - (2022-12-07)
####################################
- Back Office:
- Bug fix:
- #29693: Update material icons lib to fix the slow npm installation (by @NeOMakinG)
- #29465: Add available_now & available_later labels constraints (by @zuk3975)
- #29587: Replace exception message by custom error message when uploading avatar with
invalid extension (by @lartist)
- #29554: Replace exception message by custom message on invalid avatar on employee page
(by @lartist)
- #29224: Fix subcategories for multishop (by @MeKeyCool)
- #29553: Add min height on alert to center icons vertically (by @lartist)
- #29635: Do not reset customization in FO when changing combination (178x) (by @zuk3975)
- #29392: Fix menu items not showing on mobile (by @NeOMakinG)
- #29551: Text troncated on combine several attribute input (by @lartist)
- #29549: Fix validateSql method not accepting EXISTS after WHERE (by @atomiix)
- #29246: Fix Stock page style with RTL (by @MeKeyCool)
- #29307: Remove module_card.js from the product page v1 (by @NeOMakinG)
- #29214: Fix logo on pdf for RTL (by @MeKeyCool)
- #29096: BO - Bad display on Your Profile button on all of pages when hover and click on
it (by @okom3pom)
- #28706: Fix orders export limit (by @Seb33300)
- #28829: Fix performances links spaces and URLs (by @NeOMakinG)
- #28392: Fix back-office translations when multishop and multiple languages (by
@MeKeyCool)
- #28821: Handle fallback when currency has empty display names (by @jolelievre)
- Front Office:
- Improvement:
- #28232: Optimizing queries for checking address existence (by @Progi1984)
- Bug fix:
- #28838: Update AbstractForm.php for Multilanguage fields (by @panariga)
- #29715: Fix discount detail in cart when a product has en ecotax with applied tax (by
@mflasquin)
- #29910: Fix image size when zooming on tablet (by @NeOMakinG)
- #29665: Fix bad selector to fix checkbox issues on RMA (by @mflasquin)
- #29632: Select new invoice address automatically (by @lartist)
- #29471: Fix ps_facetedsearch - bad display after clearing a filter of no result (by
@leemyongpakvn)
- #29413: Fix displayPackPrice compare price value instead of formatted price (by
@jolelievre)
- #29373: Fix checkout when one module and no cgv validation (by @okom3pom)
- #29055: Fix anchor links in product list (by @jolelievre)
- #28904: Fix responsive for product quick view. (by @MeKeyCool)
- #27841: Multistore - Product on category page display out of stock flag instead of
availlable on order (by @Rizzen59)
- #28426: Fix product images size consistency (by @MeKeyCool)
- #27738: FO : Fix offset for "NEW" products listing (by @idnovate)
- Core:
- Improvement:
- #30454: Update composer dependencies (by @mflasquin)
- #29586: [BC Break] Disable execution of multiple statements in a single SQL query (by
@atomiix)
- #29636: Upgrade Smarty to 3.1.47 (by @mflasquin)
- #29235: Update prestashop 1.7.8.x composer dependencies (by @matks)
- #29172: Save Smarty caching type setting in file instead of DB (by @atomiix)
- #29227: Bump wishlist to 2.1.2 (by @NeOMakinG)
- Bug fix:
- #30114: Do not build a domain from the module name (Cherry pick of #30080) (by @atomiix)
- #29504: Cherry-pick #29502 (by @atomiix)
- #27422: [BC Break] Use core translations sources for themes in addition to the
translations of the theme itself (by @atomiix)
- #28780: Add cache to AddressFactory::addressExists() (by @eternoendless)
- #28608: Set $registeredHookName as renderWidget when no hook given (by
@PrestaEdit)Contributors
- #GHSA-9qgp-9wwc-v29r: User needs to have rights to see /uploads/* content (by @atomiix)
- Installer:
- Bug fix:
- #30099: Fix issue on fresh installation with docker in branch 1.7.8.x (by @sefirosweb)
- #29420: Clear translations cache before translating fixtures (by @atomiix)
- #28845: Update to latest blockwishlist module version 2.1.1 (by @jolelievre)
- Tests:
- Bug fix:
- #29698: Disable apache mpm_event module in the CI (cherry-pick) (by @atomiix)
- Refactoring:
- #28682: Functional tests - Fix some random errors on nightly 178x (by @nesrineabdmouleh)
####################################
# v1.7.8.7 - (2022-07-20)
####################################
- Core:
- Bug fix:
- #GHSA-hrgx-p36p-89q4: Chain: SQL Injection (CWE-89) and Eval Injection (CWE-95) (by @atomiix)
Copyright 2K16 - 2K18 Indonesian Hacker Rulez