Release info

Created by: drunken monkey
Created on: October 17, 2012 - 08:01
Last updated: October 23, 2012 - 11:58
Core compatibility: 7.x

Release notes

See SA-CONTRIB-2012-156 - Search API - Cross Site Request Forgery (CSRF)

This is a security release, containing an important security fix. Users of the project are strongly encouraged to update to this version as soon as possible.
In older versions, the “enable server” and “enable index” functionalities aren't properly guarded against CSRF attacks, leading to an attacker being able to enable any disabled server and all disabled indexes that are connected to a server. See the security advisory for details.

Complete list of changes: