g2 5.x-1.1

Security update

Final version for the Drupal 5 branch.

Equivalent to the latest dev version in that branch. No new features or bugs discovered.

g2 6.x-1.0

Security update

This is the first stable version of G2 for Drupal 6.x.

It includes several security fixes over the pre-release -dev version, as well as a new XML-RPC client demo.

However, the -dev branch is quite stable and should be preferred in most cases.

rootcandy 6.x-1.5

Security update

The theme fails to sanitize a value in the url, leading to a Cross Site Scripting (XSS) vulnerability.

zen 6.x-1.1

Security update
New features
Bug fixes

See SA-CONTRIB-2012-081 - Zen - Cross Site Scripting.

  • #478134 by mithrill: Improve docs about sites/all/themes and sites/default/themes folders
  • #600758 by mattyoung: Secondary links run together in one line with primary links
  • #600344 by mgifford: Use of absolute font size in block editing links breaks WCAG 2.0
  • #546904 by Jennifer_M: List $node as available variable in page.tpl.php
  • #583716 by droidenator: Empty title can cause breadcrumbs to display incorrectly
  • #600920 by kto.3decb: Fix incorrect comment block class name
  • #297084: Remove ctype_lower() from zen_id_safe() to prevent WSOD/Fatal error on some systems
  • #317417 by JohnAlbin and quicksketch: Fix off-line maintenance page since drupal_get_path('theme', 'zen') won't work
  • #545320 by Deslack: Use of split() generate E_DEPRECATED warnings on PHP 5.3.0

Pages

Subscribe with RSS Subscribe to RSS - Security update