Logo-PE[1]

Logo-CE[1]

DotNetNuke 4.9.5 and 5.1.2 are now available for download.  DotNetNuke 5.1.2 is a stabilization release  focused exclusively on fixing outstanding bugs which did not make the cutoff for DotNetNuke 5.1.1 or which were discovered after 5.1.1 was released.  DotNetNuke 4.9.5 includes some security fixes and a critical fix which affected module caching.  DotNetNuke 4.9.5 represents that last release in the 4.x product line with all future development being focused on the 5.x platform.  As usual, if there are critical security issues, then we will certainly evaluate whether it warrants another 4.x release.  The DotNetNuke 5.1.2 Professional and Community edition releases continue the stabilization work that was begun with 5.1.1.  This release further solidifies an already great product and is the recommended version for production sites.  The changes outlined below were incorporated in these releases.  As usual, the complete details for all of the changes can be found in the ChangeLog.

DotNetNuke 4.9.5

Major Highlights
  • Fixed issue which caused the starter kit not to install properly
  • Fixed issue where cache was not working properly for web crawlers
Security Fixes
  • HTML/Script Code Injection Vulnerability in ClientAPI
  • HTML/Script Code Injection Vulnerability when operating with multiple languages
Updated Modules/Providers

The following modules and providers have been updated in the 4.9.5 packages.  Please see the specific project pages for notes on what bugs or enhancements were corrected with each release.

Modules
  • HTML 04.09.05
  • Events 05.00.02
Assemblies
  • WebControls 02.02.00
  • ClientAPI 04.01.02
Providers
  • none

DotNetNuke 5.1.2

Major Highlights
  • Fixed issue which caused modules not be properly upgraded to 5.x if they were missing a manifest file
  • Fixed issue where register link on the login module did not work when portal was configured for private membership
  • Fixed issue where en-US language was always enabled after an upgrade
  • Fixed issue where the language pack writer was not creating full language packs.
  • Re-added the PageStatePersistence setting to the Host Settings page with additional warning messages.
  • Fixed breaking change in ActionBase where properties were inadvertently removed instead of being marked obsolete.
  • Fixed issue where User settings were relying on default values, but the email API was not aware of the defaults.
  • Fixed issue where the HasObjectDependencies property of ScheduleItem was not properly calculated.
Security Fixes
  • HTML/Script Code Injection Vulnerability in ClientAPI
  • HTML/Script Code Injection Vulnerability when operating with multiple languages
Updated Modules/Providers

The following modules and providers have been updated in the 5.1.2 packages.  Please see the specific project pages for notes on what bugs or enhancements were corrected with each release.

Modules
  • HTML 05.01.03
  • Events 05.00.02
Assemblies
  • WebControls 02.02.00
  • ClientAPI 04.01.02
Providers
  • none