Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.Install
Works with Drupal: 7.xUsing Composer to manage Drupal site dependencies
Downloads
Download deploy-7.x-2.0-beta2.tar.gztar.gz
47.8 KB
MD5: 609501cef4238d9dbeec943d5f8ee9ea
SHA-1: 4306e9d97e4e38f2ce6ad3fea539f7b1ccab2d68
SHA-256: b30751a9dbf7bb55f89ce9b4982e8af44d4caf324f340d7171d3bf3e866b029f
Download deploy-7.x-2.0-beta2.zipzip
76.09 KB
MD5: 18af6a009316f4b6bad1ed26844704b4
SHA-1: 39fe9a77a0795fff524dab288df4cc3230516457
SHA-256: 136896275cec2758b51cb32e40020921ff3d54e89b0459093b221c38233158fc
Release notes
This release fixes a XSS vulnerability in the deploy_ui sub module caused by the module not sanitising output in the plan empty confirmation message. This vulnerability can only be exploited by users with the Administer Deployments permission and only impacts users with that permission who empty a plan created by a malicious user.
All changes since 7.x-2.0-beta1 release:
* #2692087: XSS vulnerability in empty plan functionality in deploy_ui.module by skwashd
* #2638954: Deleted node revisions should be removed from managed deploy plans by Cottser
Security update
Bug fixes
