Security update

Changes since 7.x-2.3:

Major change in this release :
- Update Drupal core to 7.20, it includes a security fixes (Check the release notes before upgrading : http://drupal.org/drupal-7.20-release-notes)

• #1922030 by empowerbop, jsacksick: Fix wrong fields signature in migrate field handler.
• Update Jirafe to 1.0-rc1.

Maintenance and security release of the Drupal 7 series.

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:

• SA-CORE-2013-002 - Drupal core - Denial of service

No other fixes are included.

No changes have been made to the .htaccess, robots.txt or settings.php files in this release, so upgrading custom versions of those files is not necessary.

Important update notes (and known issues):

If you encountered difficulties upgrading to Drupal 7.20 as described below, try upgrading to Drupal 7.21 and following the instructions there.

The security fixes in this release change all image derivative URLs generated by Drupal to append a token as a query string. ("Image derivatives" are copies of images which the Drupal Image module automatically creates based on configured image styles; for example, thumbnail, medium, large, etc.)

Fixes text handling to prevent XSS injections in Watchdog messages or via admin settings. See SA-CONTRIB-2013-023 - Varnish module - Cross Site Scripting (XSS) for more details.

Fixes text handling to prevent XSS injections in Watchdog messages or via admin settings. See SA-CONTRIB-2013-023 - Varnish module - Cross Site Scripting (XSS) for more details.

Fixed security issues: SA-CONTRIB-2013-022
Added README.txt file with module description and installation instructions.

Changes since 7.x-1.6: