mailjet 7.x-2.23

Git tag 7.x-2.23
Security update
Bug fixes

Mailjet - Moderately critical - Arbitrary PHP code execution - SA-CONTRIB-2024-062

Contributors (3):

@bohart, @abramm

Changelog

PHP notices and warnings fixes.

mailjet 4.0.1

Git tag 4.0.1
Security update
Bug fixes

Mailjet - Moderately critical - Arbitrary PHP code execution - SA-CONTRIB-2024-062

Contributors (3):

@mihaskep, @bohart, @abramm

Changelog

Coding standards, installation bugs, PHP notices and PHP warnings fixes.

node_export 7.x-3.3

Git tag 7.x-3.3
Security update

https://www.drupal.org/sa-contrib-2024-061

Along with other protections, this release adds the 'allowed_classes' => FALSE option to unserialize() when importing content using the relevant format.

See: https://www.php.net/manual/en/function.unserialize.php

postfile 1.0.2

Git tag 1.0.2
Security update
  • Restrict the uploaded file to a list of configurable extensions.
  • Limit the endpoint to basic authentication.

POST File - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-059.

POST File - Critical - Cross Site Scripting, Arbitrary PHP code execution - SA-CONTRIB-2024-060.

tooltip 1.1.2

Git tag 1.1.2
Security update

Fix a vulnerability with insufficient filtering on markup rendering.

Tooltip - Moderately critical - Cross site scripting - SA-CONTRIB-2024-058.

basic_auth 7.x-1.4

Git tag 7.x-1.4
Security update
Bug fixes

See also Basic HTTP Authentication - Critical - Access bypass - SA-CONTRIB-2024-057.

Contributors (4)

roderik, mr.baileys, dylf, sjerdo

Changelog

Issues: 2 issues resolved.

Pages

Subscribe with RSS Subscribe to RSS - Security update