og_extras 7.x-1.2

Git tag 7.x-1.2
Security update

This release addresses an issue in which the og_extras module queries the database directly, or via the og module's helper functions, without passing in the groups entity type. In some cases simply using the groups ID isn't enough to uniquely identify the group, and the entity type of the group in question should be used as well.

This adds new parameters to the effected functions, and defaults the entity type to 'node' in order to ensure this release is backwards compatible.

imagefield_info 7.x-1.2

Git tag 7.x-1.2
Security update

See Imagefield Info - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-088

uc_webform 7.x-2.4

Git tag 7.x-2.4
Security update

See SA-CONTRIB-2015-061 - Ubercart Webform Integration - Cross Site Scripting (XSS)

uc_webform 6.x-1.8

Git tag 6.x-1.8
Security update

See SA-CONTRIB-2015-061 - Ubercart Webform Integration - Cross Site Scripting (XSS)

entitybulkdelete 7.x-1.1

Git tag 7.x-1.1
Security update

See EntityBulkDelete - Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-089

zeroclipboard 6.x-2.2

Git tag 6.x-2.2
Security update

Switching to the 2.x version of zeroclipboard for security reasons with version 1.3.0 (which was used in the previous of this module)

Pages

Subscribe with RSS Subscribe to RSS - Security update