commons 7.x-3.10

Security update
Bug fixes
New features
Insecure

For full release notes and upgrade instructions, please see http://docs.acquia.com/commons.

Drupal Commons 3.10 (Drupal 7.27 core) contains the following updates, fixes, and security patches:

professional_theme 7.x-2.04

Security update

The theme did not sufficiently sanitize theme settings input for custom copyright information

This vulnerability is mitigated by the fact that an attacker must have a role with the permission "Administer themes".

custom_search 7.x-1.16

Security update
Bug fixes

Security

Bug fix

custom_search 6.x-1.13

Security update

SA-CONTRIB-2014-043 - Removed Cross site scripting in Custom Search Taxonomy module settings

versioncontrol 7.x-1.0-rc3

Security update
Bug fixes
New features

Changes since 7.x-1.0-rc2:

  • by drumm, marvil07: Improve commit message sanitization.
  • Prevent adding empty vcs condition on repository controller.
  • New option for drush vc-sync to force repository unlocking.
  • #1796144 follow-up: Catch unknown exceptions on event processor plugin execution.
  • #1796144: Added an event processor plugin type for repositories.
  • Minor fixes on example backend to pass tests.

drupal 7.27

Security update
Insecure

Maintenance and security release of the Drupal 7 series.

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:

No other fixes are included.

Pages

Subscribe with RSS Subscribe to RSS - Security update