Security update

This release contains only a security update (see The eXtensible Catalog (XC) Drupal Toolkit - Critical - Cross Site Request Forgery (CSRF) - SA-CONTRIB-2015-121 for details).

Issues fixed in this version

• #2507619 The eXtensible Catalog (XC) Drupal Toolkit - Critical - Cross Site Request Forgery (CSRF) - SA-CONTRIB-2015-121

This release contains only a security update (see The eXtensible Catalog (XC) Drupal Toolkit - Critical - Cross Site Request Forgery (CSRF) - SA-CONTRIB-2015-121 for details).

Issues fixed in this version

• #2507619 The eXtensible Catalog (XC) Drupal Toolkit - Critical - Cross Site Request Forgery (CSRF) - SA-CONTRIB-2015-121

Encrypt - Moderately Critical - Weak Encryption - SA-CONTRIB-2015-166

This release makes the following changes to encryption methods and key providers that are included in the project:

Removed the "Basic" (default) encryption method
This method has been deprecated and removed from the list of available methods, though it remains available for decrypting existing data.

Fixes Flag clear - Moderately Critical - Cross Site Request Forgery (CSRF) - SA-CONTRIB-2017-017

All flag clearing links now require tokens for authentication purposes.

See Mayo theme - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-164
Removed admin settings for margins associated with logo, site name, and slogan to fix #2550593. Positioned with padding in styles.css
Issue #2509832 by Reg: Notice: Array to string conversion in mayo_get_plugins() (line 34 of .../mayo/inc/plugins.inc)
array_unique error corrected.
Improved styling for tabs.
Add feature to display breadcrumb Bartik style.

See Mayo theme - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-164

Only minor changes to the 7.x-1.3 version.

• Added padding to language switcher block ul.
• Language switcher margin added.