temporary_invitation 5.x-2.3

Security update
New features
Bug fixes

security bugfix:
* fixing XSS problem when displaying invitations

other fixes and improvements since 5.x-2.2:

nodehierarchy 5.x-1.3

Security update
Bug fixes

Fixed string translation issue and added check_plain to node title in tooltips in the child page ui.

taxonomy_filter 6.x-1.1

Security update
Insecure

Names of vocabularies, terms, and filter menus are now sanitized to display as plain text, avoiding to a Cross Site Scripting (XSS) vulnerability.

nodehierarchy 6.x-1.3

Security update
Bug fixes
Insecure

Fixed string translation issue and added check_plain to node title in tooltips in the child page ui.

og_vocab 6.x-1.1

Security update
Insecure

Security fix - follow up on the same SA-CONTRIB-2009-075 from Drupal 5 that was overseen in Drupal 6.

link 6.x-2.7

Security update

security by dropcube: fixes security problem for Separate title and URL formatter. SA-CONTRIB-2009-096 - Link - Cross Site Scripting
Fix for bug #587078: Initializing item attributes as array if it is not set to avoid Unsupported operand types error.
Unserialize attributtes array if it has not been unserialized during sanitization.
Patch #580988, hook_field('load',...) should return an array of additions to be added to the node object. Ensures that data get cached correctly.

Pages

Subscribe with RSS Subscribe to RSS - Security update