protected_pages 7.x-2.4

Git tag 7.x-2.4
Security update

Password protection bypass issue is fixed.

SA-CONTRIB-2014-111 - Protected Pages - Password Protection Bypass

nodeaccess 6.x-1.5

Git tag 6.x-1.5
Security update

Fixes: SA-CONTRIB-2014-097 - nodeaccess - Access Bypass
- Add weight to alias for disabled role.
- Issue #436918: Aliases not being saved for disabled role.
- Issue #557344: Invalid argument in nodeaccess_delete_userreference.

nodeaccess 7.x-1.4

Git tag 7.x-1.4
Security update

Fixes: SA-CONTRIB-2014-097 - nodeaccess - Access Bypass

freelinking 7.x-3.3

Git tag 7.x-3.3
Security update
Insecure

Security issue SA-CONTRIB-2014-072 fixed.

freelinking 6.x-3.3

Git tag 6.x-3.3
Security update
Insecure

Issues fixed in this release:

The security problems documented in SA-CONTRIB-2014-072 is fixed in this release (6.x-3.3).

From now on, the 6.x branch will be minimally maintained, and the focus will be on the 7.x branch (and later on the 8.x branch).

services 7.x-3.10

Git tag 7.x-3.10
Security update
Bug fixes
New features
Insecure

Several security updates in this release. see: SA-CONTRIB-2014-092

New user's password set to weak password in _user_resource_create()

When creating a new user account via Services, the new user's password was set to a weak password.

This issue is mitigated by the fact that the user resource must be enabled (or least have been enabled in the past) and new user registration permitted via Services.

Pages

Subscribe with RSS Subscribe to RSS - Security update