email 6.x-1.4

Git tag 6.x-1.4
Security update

Security release: Fixes access bypass on contact form and XSS on email formatter

SA-CONTRIB-2012-169 - Email Field - Cross Site Scripting and Access bypass

mixpanel 6.x-1.1

Git tag 6.x-1.1
Security update
New features

Changes since 6.x-1.0:

  • #1762886 by dsnopek: Fix adding Mixpanel token to page.
  • #1837826 by dsnopek: Create a hook_update_n to enable mixpanel_defaults when updating Mixpanel
  • #1827414 by dsnopek: Move default tracking code to it's own module

services 7.x-3.3

Git tag 7.x-3.3
Security update
Bug fixes
Insecure

non-administer user can access mails of any active user: SA-CONTRIB-2012-168 - Services - Information Disclosure

ctools 6.x-1.10

Git tag 6.x-1.10
Security update
Insecure

tableofcontents 6.x-3.8

Git tag 6.x-3.8
Security update

Better check for the permissions when showing the table of content in the table of content block. Check that the user can actually see the node of which the table of content is being shown. If not the block remains empty. SA-CONTRIB-2012-166 - Table of Contents - Access Bypass.

smiley 6.x-1.1

Git tag 6.x-1.1
Security update

This release fixes a Cross Site Scripting (XSS) security issue. Please see the security advisory for more information. SA-CONTRIB-2012-164 - Smiley module and Smileys module - Cross Site Scripting (XSS)

Pages

Subscribe with RSS Subscribe to RSS - Security update