simple_access 5.x-1.3
dww - April 9, 2008 - 17:54
Official release from CVS tag: DRUPAL-5--1-3
Download: simple_access-5.x-1.3.tar.gz
Size: 13.8 KB
md5_file hash: da3b9eccd90e4a360affb12e093d9535
First released: April 9, 2008 - 17:54
Last updated: April 9, 2008 - 17:55
Download: simple_access-5.x-1.3.tar.gz
Size: 13.8 KB
md5_file hash: da3b9eccd90e4a360affb12e093d9535
First released: April 9, 2008 - 17:54
Last updated: April 9, 2008 - 17:55
This release addresses an access bypass security issue, DRUPAL-SA-2008-025, that would cause nodes to lose simple_access data under certain conditions. Sites should beware that nodes they thought were private might have been made public, especially if using other contributed modules.
Other changes since 5.x-1.2-2:
- Fix up issue with node_access not being written
- Fix issue with simple_access_user realm not being created and not letting default from being taken over when no access is being created.
- Fix bug where if the node is owned by user 0 everyone is given access. See #221277