The issue described in XML Sitemap - Moderately Critical - XSS - SA-CONTRIB-2016-030 also affects Drupal 6! A series of patches are attached for different versions of xmlsitemap.

CommentFileSizeAuthor
SA-CONTRIB-2016-030-6.x-2.x.patch519 bytesdsnopek
SA-CONTRIB-2016-030-6.x-1.x.patch1.34 KBdsnopek
SA-CONTRIB-2016-030-6.x-1.2.patch878 bytesdsnopek
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

dsnopek created an issue. See original summary.

dsnopek’s picture

dsnopek
he/him
Primary language English
Location USA
CreditAttribution: dsnopek commented
Status: Needs review » Fixed

Committed the patches!

Fernando Iglesias’s picture

Fernando Iglesias CreditAttribution: Fernando Iglesias commented

Confirming the 2.x patch works. You guys are fast, thanks :)

dsnopek’s picture

dsnopek
he/him
Primary language English
Location USA
CreditAttribution: dsnopek commented

Thanks!

(BTW, we worked on the D6LTS patches before the issue was publicly disclosed, that's why we were able to release them so quickly :-))

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.