Fixes Fieldable Panels Panes - Moderately Critical - Access Bypass - SA-CONTRIB-2016-014
This resolves several bugs and fixes a file access vulnerability; updating is strongly recommended.
Full changelog since 7.x-1.7:
Fixes multiple vulnerabilities described in
fixes Prepopulate - Multiple Vunerabilities - SA-CONTRIB-2016-009
Fixes USASearch - Access Bypass - SA-CONTRIB-2016-010
Support for distinct indexing of taxonomy terms as a distinct element.
Ability to select Display Mode to use for search results display.
Updates to documentation.
Improvements to configuration UI.
Fixes Google Analytics Counter - CSRF - SA-CONTRIB-2016-011
Scald File - Critical - Remote Code Execution - SA-CONTRIB-2016-015
Other changes since 7.x-1.2:
Issue #2363059 by Aron Novak: Support mudraw for generating PDF thumbnail
Issue #2561111 by filnug, nagy.balint: Add support for xlsm
Maintenance and security release of the Drupal 7 series.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the notes below and the security announcement:
No other fixes are included.
In addition to the news page and sub-tabs, all security announcements are posted to an email list. To subscribe to email: log in, go to your user profile page and subscribe to the security newsletter on the Edit » My newsletters tab.
You can also get rss feeds for core, contrib, or public service announcements or follow @drupalsecurity on Twitter.
In order to report a security issue, or to learn more about the security team, please see the Security team handbook page.
If you are a Drupal developer, please read the handbook section on Writing secure code.
Drupal is a registered trademark of Dries Buytaert.