nodeaccess_userreference 7.x-3.10

Git tag 7.x-3.10
Security update

When an author has created content containing a user reference field (with author update/delete grants enabled) and the author's user account is later deleted, content created by them can be edited by anonymous users.

This release fixes this issue.
SA-CONTRIB-2013-049 - Node access user reference - Access Bypass

nodeaccess_userreference 6.x-3.5

Git tag 6.x-3.5
Security update

When an author has created content containing a user reference field (with author update/delete grants enabled) and the author's user account is later deleted, content created by them can be edited by anonymous users.

This release fixes this issue.

SA-CONTRIB-2013-049 - Node access user reference - Access Bypass

edit_limit 7.x-1.3

Git tag 7.x-1.3
Security update

Fix for SA-CONTRIB-2013-048 - Edit Limit - Access Bypass

Resolved an issue where comment access was being improperly checked when edit limits were set for comments.

ga_login 6.x-1.2

Git tag 6.x-1.2
Security update
New features

Changes since 6.x-1.1:

  • #89833 by mr.baileys, lva: Fixed Potential Access Bypass vulnerability in GA Login.

Make sure to check the permissions after updating.
There's also a new setting on the user/uid/edit page to force the use of a code.

ga_login 7.x-1.4

Git tag 7.x-1.4
Security update
New features

Changes since 7.x-1.3:

  • #89833 by mr.baileys, lva: Fixed Potential Access Bypass vulnerability in GA Login.
  • #1922636 by Attiks, Devin Carlson | Jean Gionet: Added specify [site_name()] value.
  • #1922636 by Devin Carlson | Jean Gionet: Added specify [site_name()] value.

filebrowser 6.x-2.2

Git tag 6.x-2.2
Security update

SA-CONTRIB-2013-046 - Filebrowser - Reflected Cross Site Scripting (XSS)

Pages

Subscribe with RSS Subscribe to RSS - Security update