commons_groups 7.x-3.1

Security update
New features
Bug fixes

SA-CONTRIB-2013-038 - Commons Groups - Access bypass & Privilege escalation

#1954472: Give group owners the organizer role
#1941458 by japerry: check only to see if the title was administrator member and change it to organizers. If it's anything else then it was changed manually and we shouldn't do anything.
#1941458 by Zarabadoo: Change the term "administrator member" to "Organizers" on the Group contributors block.
#1821808: Change contributor view block titles to match the interactive prototype
#1947130 by japerry: check all vowels before using a/an for a create node title.
remove auto anonymous group add
#1940150: reverting the organizers role in support of theming views to display the labels instead
#1936642 by japerry, ezra-g: Add placeholder for group directory, add update script for reverting the groups features
#1936642: add description to og_group references
Followup to Issue #1936714 by ezra-g: Fixed Authenticated users should have permission to create a group.
#1936714 by ezra-g: Fixed Authenticated users should have permission to create a group.
#1910874 by ezra-g, japerry: Fixed Anonymous users are able to create content (Beta=>3.x stable upgrades only).
#1936446 by ezra-g: Fixed Group content visibility field not added to OG-enabled content types after enabled Commons Groups Privacy.

zeropoint 7.x-1.9

Security update
Bug fixes

Security update and bug fixes:
o #1513176: Notice: Undefined variable: themed_regions in zeropoint_preprocess_block()
o hoverIntent r6 update

See SA-CONTRIB-2013-036 - Zero Point - Cross Site Scripting (XSS) for more details.

commerce_kickstart 7.x-2.5

Security update
Bug fixes
Insecure

Major updates since the latest version:
- Drupal core 7.21
- Views 3.6 (Security update)

Other module updates:
- Commerce Backoffice to 1.2
- Commerce Search API to 1.1
- Title 1.0-alpha7
- Commerce kiala 1.0-rc1
- Shiny 1.1
- Commerce Addressbook 1.0-rc4
- Commerce Hosted PCI 1.0-rc1
- Message 2.4
- Jirafe 1.0-rc2
- Commerce Payleap 1.0
- Libraries 2.1
- Crumbs to 1.9
- Token to 1.5
- Connector 1.0-beta2

Other changes since 7.x-2.4:

views 7.x-3.6

Security update
Insecure

The security issue in views is caused by various places in the views UI where a string is not sanitized, because it has been assumed to be static and by committers, though you can change some of these strings using other administrative permissions. SA-CONTRIB-2013-035 - Views - Cross Site Scripting (XSS)

Other commits:

  • #82088 by grisendo: Add sanitation in various places in the views UI
  • #1920690 by jnettik: Added Allow for inline to be configured for jump menus.
  • #1551534 by bcn: Added Allow a button in an exposed forms to trigger ajax.
  • #1914024 by peximo | heyyo: Fixed Title-overridden term name not translated on a taxonomy overridden views page.
  • #1889198 by Pedro Lozano: Fixed Performance problem in _views_fetch_data(), multiple unnecessary cache rebuilds.
  • #1496418 by dawehner, hass, webflo: Fixed Views: Don't change capitalization of translatable strings with CSS.
  • #1852116 by Les Lim, Chris Burge: Added Backport from D8: Customizable true/false Views output for booleans.
