[prep-release-3.1.4] Add security issue to changelog

* prep-release-3.0.14:
  [prep-release-3.0.14] Add security relevant changes to CHANGELOG.html.
  [prep-release-3.0.14] Bump version numbers for 3.0.14 release.

Conflicts:
	build/build.xml
	phpBB/includes/constants.php
	phpBB/install/database_update.php
	phpBB/install/schemas/schema_data.sql

build/build.xml

@@ -2,9 +2,9 @@
 
 <project name="phpBB" description="The phpBB forum software" default="all" basedir="../">
 	<!-- a few settings for the build -->
-	<property name="newversion" value="3.1.4-RC2" />
+	<property name="newversion" value="3.1.4" />
 	<property name="prevversion" value="3.1.3" />
-	<property name="olderversions" value="3.0.12, 3.0.13, 3.0.13-PL1, 3.0.14-RC1, 3.1.0, 3.1.1, 3.1.2, 3.1.4-RC1" />
+	<property name="olderversions" value="3.0.12, 3.0.13, 3.0.13-PL1, 3.0.14, 3.1.0, 3.1.1, 3.1.2, 3.1.4-RC1, 3.1.4-RC2" />
 	<!-- no configuration should be needed beyond this point -->
 
 	<property name="oldversions" value="${olderversions}, ${prevversion}" />

phpBB/docs/CHANGELOG.html

@@ -113,6 +113,10 @@
 
 	<a name="v313"></a><h3>Changes since 3.1.3</h3>
 
+	<h4>Security</h4>
+	<ul>
+		<li>[SECURITY-180] - An insufficient check allowed users of the Google Chrome browser to be redirected to external domains (e.g. on login)</li>
+	</ul>
 	<h4>Bug</h4>
 	<ul>
 		<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-8050">PHPBB3-8050</a>] - Avatar &amp; Long PM recipients list break out of template</li>
@@ -2331,6 +2335,10 @@
 
 	<a name="v3013-PL1"></a><h3>Changes since 3.0.13-PL1</h3>
 
+<h4>Security</h4>
+<ul>
+<li>[SECURITY-180] - An insufficient check allowed users of the Google Chrome browser to be redirected to external domains (e.g. on login)</li>
+</ul>
 <h4>Bug</h4>
 <ul>
 <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13348">PHPBB3-13348</a>] - sql_freeresult() should be called in feed base class</li>

phpBB/includes/constants.php

@@ -28,7 +28,7 @@ if (!defined('IN_PHPBB'))
 */
 
 // phpBB Version
-define('PHPBB_VERSION', '3.1.4-RC2');
+define('PHPBB_VERSION', '3.1.4');
 
 // QA-related
 // define('PHPBB_QA', 1);

phpBB/install/schemas/schema_data.sql

@@ -273,7 +273,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('tpl_allow_php', '0
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_icons_path', 'images/upload_icons');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_path', 'files');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('use_system_cron', '0');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.1.4-RC2');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.1.4');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_expire_days', '90');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_gc', '14400');
 

phpBB/phpbb/db/migration/data/v30x/release_3_0_14.php

@@ -0,0 +1,37 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+namespace phpbb\db\migration\data\v30x;
+
+class release_3_0_14 extends \phpbb\db\migration\migration
+{
+	public function effectively_installed()
+	{
+		return phpbb_version_compare($this->config['version'], '3.0.14', '>=') && phpbb_version_compare($this->config['version'], '3.1.0-dev', '<');
+	}
+
+	static public function depends_on()
+	{
+		return array('\phpbb\db\migration\data\v30x\release_3_0_14_rc1');
+	}
+
+	public function update_data()
+	{
+		return array(
+			array('if', array(
+				phpbb_version_compare($this->config['version'], '3.0.14', '<'),
+				array('config.update', array('version', '3.0.14')),
+			)),
+		);
+	}
+}

phpBB/phpbb/db/migration/data/v31x/v314.php

@@ -0,0 +1,32 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+namespace phpbb\db\migration\data\v31x;
+
+class v314 extends \phpbb\db\migration\migration
+{
+	static public function depends_on()
+	{
+		return array(
+			'\phpbb\db\migration\data\v30x\release_3_0_14',
+			'\phpbb\db\migration\data\v31x\v314rc2',
+		);
+	}
+
+	public function update_data()
+	{
+		return array(
+			array('config.update', array('version', '3.1.4')),
+		);
+	}
+}