Download login_security-7.x-1.3.tar.gztar.gz 20.69 KB
MD5: 3bd33ee563b2162a90ffbc213f3a9ab0
SHA-1: 9d4c58123cab1182a19231e0aede0da5b9987428
SHA-256: a4e252b50d174588bc5774890990ce03f04e08c505f5652549dbc926df213df3
Download login_security-7.x-1.3.zipzip 24 KB
MD5: 30f1aae89c5fdf711386ab93a61e6a83
SHA-1: 6a8f2530d59f49df998319a3c016d22eb356b1df
SHA-256: d0335855b6258b7b2b071dada1050819f0c2431824b901a7e7b7e1be0c4fa44f

Release info

Created by: deekayen
Created on: June 19, 2013 - 16:54
Last updated: November 7, 2013 - 22:03
Core compatibility: 7.x
Release type: Security update, Bug fixes

Release notes

Resolve a condition where a specially crafted username could bypass Login Security's validation. - SA-CONTRIB-2013-053 - Login Security - Multiple Vulnerabilities

Removes the option for login delay, because it could lead to a denial of service.

Bugfix: #1966960: login_security incorrectly calls "drupal_get_messages" without FALSE as the second parameter