Downloads

Download tar.gz 114.1 KB
MD5: badca46a6021e93cb4818b9f2b3f6da3
SHA-1: 696a9c99a6b468a2bb72a3fc8417f0eba2f55979
SHA-256: 3df3da11e64b95e50b51f716f510fc2b72391fe9879dc0afb64f1672c94d437e
Download zip 155.78 KB
MD5: ce95d522acc2e7b6108d86d463080231
SHA-1: 0e33fc4032d262167c7bf75f7b07e94e993202ba
SHA-256: a441ce6b811d09abb529cc11e13fbc3ad7814c11d1af8a2552dc1dae57d68ef1

Release notes

This release is basically to fix a vulnerability in the submodules "shouts" and "heartbeat_comments". The problem was a CSRF attach was possible.

SA-CONTRIB-2012-137 - Heartbeat - Cross Site Request Forgery (CSRF) in heartbeat_comments

Created by: Stalski
Created on: 4 Sep 2012 at 18:57 UTC
Last updated: 5 Sep 2012 at 19:18 UTC
Git tag 6.x-4.12
Security update
Unsupported

Other releases