This is a security release of the Drupal 9 series.
This release fixes security vulnerabilities. Sites are urged to update immediately after reading the notes below and the security announcement:
No other fixes are included.
Addresses Vocabulary Permissions Per Role - Critical - Unsupported - SA-CONTRIB-2022-016
julienjoye, bohart, Tichris59
Issues: 1 issues resolved.
Changes since 8.x-1.1:
Normalize paths to fix acccess bypass by using diacritical marks or unicode characters. By mr.bailey
Rename Admin Paths - Moderately critical - Access bypass - SA-CONTRIB-2022-033
This release fixes SA-CONTRIB-2022-015, and includes some existing changes that were deemed minor enough to include.
DamienMcKenna, martinjbaker
Issues: 5 issues resolved.
Changes since 7.x-1.9: