nucleus 7.x-1.6

Git tag 7.x-1.6
Security update

This release fixes SA-CONTRIB-2018-031.

There are no other changes in this release.

commerce_klarna_checkout 7.x-1.5

Git tag 7.x-1.5
Security update

Use Klarna order id for the klarna callback instead of Klarna order URI.

Fixes https://www.drupal.org/sa-contrib-2018-062

tft 7.x-1.1

Git tag 7.x-1.1
Security update

Checking for the use private file schema and checking possible custom access to file on custom path.

Fixes https://www.drupal.org/sa-contrib-2018-061

renderkit 7.x-1.6

Git tag 7.x-1.6
Security update
Insecure

Security: EntityDisplay_ListOfRelatedEntities and some similar classes do not check access to view referenced entities.

Renderkit - Moderately critical - Access bypass - SA-CONTRIB-2018-060

tft 8.x-1.0-beta2

Git tag 8.x-1.0-beta2
Security update

When downloading item checking $file->access('view') as well as $file->access('download') and invoking hook_file_download()

Fixes https://www.drupal.org/sa-contrib-2018-061

fraction 7.x-1.7

Git tag 7.x-1.7
Security update
  • Filter field formatter separator through field_filter_xss().

Pages

Subscribe with RSS Subscribe to RSS - Security update