deploy 7.x-2.0-beta2

Release notes

This release fixes a XSS vulnerability in the deploy_ui sub module caused by the module not sanitising output in the plan empty confirmation message. This vulnerability can only be exploited by users with the Administer Deployments permission and only impacts users with that permission who empty a plan created by a malicious user.

Download Size md5 hash
deploy-7.x-2.0-beta2.tar.gz 47.8 KB 609501cef4238d9dbeec943d5f8ee9ea
deploy-7.x-2.0-beta2.zip 76.09 KB 18af6a009316f4b6bad1ed26844704b4
Last updated: March 22, 2016 - 11:19
Official release from tag: 
7.x-2.0-beta2

fac 7.x-1.1

Release notes

Download Size md5 hash
fac-7.x-1.1.tar.gz 22.57 KB 2557067ad0ec0a41d362196db250b5a3
fac-7.x-1.1.zip 30.3 KB 00888d2fd5919aadfa364b87418c4bd7
Last updated: March 16, 2016 - 14:04
Official release from tag: 
7.x-1.1

finder 7.x-2.1

Release notes

Download Size md5 hash
finder-7.x-2.1.tar.gz 75.06 KB 597f0fa5cdf25891dd6b67f66b77eaaa
finder-7.x-2.1.zip 97.67 KB 167b0539dc84eb6d803ba6a38589797d
Last updated: March 13, 2016 - 01:18
Official release from tag: 
7.x-2.1

fieldable_panels_panes 7.x-1.8

Release notes

Fixes Fieldable Panels Panes - Moderately Critical - Access Bypass - SA-CONTRIB-2016-014

This resolves several bugs and fixes a file access vulnerability; updating is strongly recommended.

Full changelog since 7.x-1.7:

Download Size md5 hash
fieldable_panels_panes-7.x-1.8.tar.gz 47.02 KB 0ee7f275100f2877e864eb2e79323913
fieldable_panels_panes-7.x-1.8.zip 66.65 KB bb2a8db43d2017808d245bf621b0dd63
Last updated: March 2, 2016 - 15:23
Official release from tag: 
7.x-1.8

prepopulate 7.x-2.1

Release notes

Fixes multiple vulnerabilities described in

fixes Prepopulate - Multiple Vunerabilities - SA-CONTRIB-2016-009

  • Removes base64 encoding to prevent arbitrary manipulation of $_REQUEST.
  • Adds additional restricted field types to prevent abuse of fields that aren't displayed.
Download Size md5 hash
prepopulate-7.x-2.1.tar.gz 8.55 KB 046c245c0bf667120a5bdaeed1549c87
prepopulate-7.x-2.1.zip 9.62 KB 377f94afc3edb1b38cea10c0f58e0b87
Last updated: March 2, 2016 - 06:08
Official release from tag: 
7.x-2.1

usasearch 7.x-5.1

Release notes

Fixes USASearch - Access Bypass - SA-CONTRIB-2016-010

Support for distinct indexing of taxonomy terms as a distinct element.
Ability to select Display Mode to use for search results display.
Updates to documentation.
Improvements to configuration UI.

Download Size md5 hash
usasearch-7.x-5.1.tar.gz 17.86 KB b1d7e45054a458cee5fb77ff0a151020
usasearch-7.x-5.1.zip 28.63 KB 8c8fb88f8b624552ccb692256c5493d6
Last updated: March 2, 2016 - 04:23
Official release from tag: 
7.x-5.1

Pages

Subscribe with RSS Subscribe to RSS - Security update