See SA-CONTRIB-2012-078 - Smart Breadcrumb - Cross Site Scripting (XSS).
Fixing XSS vulnerability reported by coltrane:
The function filter_titles() incorrectly attempts to set a title to plain text, but uses only Drupal's t() function, which does not run any sanitization.
Maintenance and security release of the Drupal 7 series. Only fixes for security vulnerabilities have been committed. New features are only being added to the forthcoming Drupal 8.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
Resolves an issue with the Spaces and Spaces OG modules (part of the spaces package), which in some cases did not apply the expected spaces access permission to pages that are non-objects (e.g. /node).