user_karma 6.x-1.0-beta1

Git tag 6.x-1.0-beta1
Security update

#339553 (SA-2008-071): fix multiple vulnerabilities (SQL injection, XSS)

user_karma 5.x-1.13

Git tag 5.x-1.13
Security update

#339553 (SA-2008-071): fix multiple vulnerabilities (SQL injection, XSS)

commentmail 5.x-1.1

Git tag 5.x-1.1
Security update

SA-2008-070: fix cross site request forgery

Important this release fixes a security issue that affects Comment Mail. Please upgrade!

See http://drupal.org/node/330546 for more information.

cck 6.x-2.0

Git tag 6.x-2.0
Security update
New features
Bug fixes
Insecure

IMPORTANT NOTES:
-------------------

- VIEWS INTEGRATION - Filters available for CCK fields in Views have changed slightly since the RC releases.
If upgrading from a previous CCK RC release, you might get errors or warnings when displaying some views,
or find they don't display the expected results. You'll need to edit those views and redefine their filters.
This only applies to filters defined on Text or Number fields that specify a list of 'Allowed values'.
Filters on other CCK fields are not affected.

- SECURITY FIX - This release fixes (minor) cross-site scripting (XSS) vulnerabilities
in nodereference.module, userreference.module, content_copy.module, and CCK's Views integration
See the Security Annoucement on http://drupal.org/node/330546 for more information.

-------------------

Main new features since RC10:
- #300368 Add option on Display fields screen to omit fields or groups from the $content value passed to the node template.
- #298651 by smk-ka, yched - Nodereference/Userreference: Enhance performance on large sites.
This also adds 'autocomplete mode' widget settings (full string / beginning of string).
- #329447 add content_view_field() API function to display a single field, fully themed with label and multiple values, to be used by 3rd party code.

Other changes:
- Content_generate should be passing field info and updating $items.

cck 5.x-1.10

Git tag 5.x-1.10
Security update
Insecure

IMPORTANT : this release fixes (minor) cross-site scripting (XSS) vulnerabilities
in nodereference.module, userreference.module and content_copy.module.
See the Security Annoucement on http://drupal.org/node/330546 for more information.

l10n_server 6.x-1.0-alpha2

Git tag 6.x-1.0-alpha2
Security update
New features
Bug fixes
Insecure

This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:

In addition to this security vulnerability, the following changes have been made since the 6.x-1.0-alpha1 release:

  • Bad 'page arguments' in l10n_groups module
  • - Menu updates. Use the Drupal 6 built in ways to invoke functions from include files. No need for a custom wrapper.
    - Fixed missing access argument on export tab, which resulted in it not showing up.
    - Fixed badly updated form in export screen, now includes form_state as mandated in Drupal 6.
  • - Move Tar.php check to a real hook_requirements() check as suggested in @todo.
    - Add potx version compatibility check to make sure people run with the right potx version.
  • #321637 by myself: support for disabled projects; makes it possible to discontinue project translations (not looking for new releases but keeping old data) and maintaining suggested projects not yet picked up by the server but known.
  • Instead of t() we should use the return value of get_t() in install functions

Pages

Subscribe with RSS Subscribe to RSS - Security update