ctools 6.x-1.10

Git tag 6.x-1.10
Security update
Insecure

tableofcontents 6.x-3.8

Git tag 6.x-3.8
Security update

Better check for the permissions when showing the table of content in the table of content block. Check that the user can actually see the node of which the table of content is being shown. If not the block remains empty. SA-CONTRIB-2012-166 - Table of Contents - Access Bypass.

smiley 6.x-1.1

Git tag 6.x-1.1
Security update

This release fixes a Cross Site Scripting (XSS) security issue. Please see the security advisory for more information. SA-CONTRIB-2012-164 - Smiley module and Smileys module - Cross Site Scripting (XSS)

smileys 6.x-1.1

Git tag 6.x-1.1
Security update

This release fixes a Cross Site Scripting (XSS) security issue. Please see the security advisory for more information. SA-CONTRIB-2012-164 - Smiley module and Smileys module - Cross Site Scripting (XSS)

restws 7.x-2.0-alpha3

Git tag 7.x-2.0-alpha3
Security update
Insecure

Fixes a CSRF security issue. SA-CONTRIB-2012-162 - RESTful Web Services - Cross site request forgery (CSRF)

API change: The format extension in URL paths only works for GET requests now.
Example that still works:

GET http://example.com/node/123.json
GET http://example.com/node.json

Examples that do not work anymore:

restws 7.x-1.1

Git tag 7.x-1.1
Security update
Insecure

Fixes a CSRF security issue. SA-CONTRIB-2012-162 - RESTful Web Services - Cross site request forgery (CSRF)

API change: The format extension in URL paths only works for GET requests now.
Example that still works:

GET http://example.com/node/123.json

Examples that do not work anymore:

Pages

Subscribe with RSS Subscribe to RSS - Security update