touch 7.x-1.9

Git tag 7.x-1.9
Security update
Bug fixes

Version 7.x-1.9 release

This release includes a fix for a security issue: SA-CONTRIB-2014-059

fate 7.x-1.1

Git tag 7.x-1.1
Security update

This resolves a critical security flaw that allows anonymous visitors, and any authenticated users who would not normally have access to edit the entity, to edit any fields that are enabled via this module. The problem is mitigated by the fact that fields must have the custom edit page specifically enabled, it is not automatic. Updating to this release is critically important to avoid a possible security breach when using this module.

SA-CONTRIB-2014-053 - Field API Tab Editor (FATE) - Access bypass

addressfield_tokens 7.x-1.4

Git tag 7.x-1.4
Security update
Insecure

Updating output and code style.

SA-CONTRIB-2014-052 - AddressField Tokens - Cross Site Scripting (XSS)

realname_registration 7.x-2.0

Git tag 7.x-2.0
Security update
Bug fixes
New features

SA-CONTRIB-2014-51 - Realname Registration - Information Disclosure
Changes since 7.x-2.0-rc2:

realname_registration 6.x-2.0

Git tag 6.x-2.0
Security update
Bug fixes

SA-CONTRIB-2014-51 - Realname Registration - Information Disclosure
Changes since 6.x-2.0-rc5:

  • New permission to control whether users can modify module settings
  • Handle unicode properly
  • Don't fail when optional middle name is omitted
  • Better username validation, including always allowing hyphens and apostrophes

commerce_postfinance 7.x-1.5

Git tag 7.x-1.5
Security update

This release resolves a security issue. See SA-CONTRIB-2014-050 - Commerce Postfinance ePayment - Access Bypass.

Pages

Subscribe with RSS Subscribe to RSS - Security update