[panels] Add patches for CONTRIB-2016-047 [#2785707]

The Panels module has a critical access bypass vulnerability. This SA which covers D7 was just released:

https://www.drupal.org/node/2785631

Attached is a backport of those changes to the D6 version of Panels

Comment	File	Size	Author
	SA-CONTRIB-2016-047.patch	26.06 KB	dsnopek

Comments

Comment #1

17 August 2016 at 18:10

dsnopek created an issue. See original summary.

Comment #2

dsnopek

he/him

English

USA

commented 17 August 2016 at 18:11

Status:

Active

» Fixed

Committed!

Comment #3

31 August 2016 at 18:14

Status:

Fixed

» Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

Comment #4

shawn.kwang commented 12 May 2017 at 16:35

@dsnopek,

The Panels patch here breaks Panels admin interface in the same way as the Issue 2785915. I believe your patch from comment #18 fixes the bug here too. You may want to consider including it here as well.

What I did:

Applied the patch for this issue.
Ran drush updatedb.
Downloaded the patch from (https://www.drupal.org/files/issues/panels-storage-backcompat-2785915-18.patch) and applied it too.

[panels] Add patches for CONTRIB-2016-047

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Child issues

News items

Our community

Documentation

Drupal code base

Governance of community