Drupal Association members fund grants that make connections all over the world.
This release contains an important security fix. Users of the module are strongly encouraged to update to this version as soon as possible.
If you are using an older version, incorrectly escaped error messages might lead to your site being vulnerable to an XSS attack. Note, however, that this can only occur if you somehow allow users to specify the used internal field identifiers (e.g., through Views exposed sorts or the old (deprecated) Search API Facets module).
Complete list of changes:
- Fixed escaping of error messages.
- #1480170 by kotnik: Fixed return value of hook_requirements().
- #1500210 by ezra-g, acrollet, jsacksick: Fixed errors when installing with non-default installation profiles.
- #1444432 by Damien Tournoud, jsacksick: Added field-level boosting.
- #1302406 by Steven Jones: Fixed autoload problem during installation.
- #1340244 by drunken monkey, alanomaly: Added more helpful error messages.