Downloads
Download tar.gz
13.8 KB
MD5: da3b9eccd90e4a360affb12e093d9535
SHA-1: 3463d36f1b6e8f373f57ffe6566d64b954c51564
SHA-256: 4f46b44dd90dcd2acd672092fc085284ece1da1b10450a02453b101540b812f2
Download zip
15.77 KB
MD5: 3f940f8d97385f5484555d7e277947f4
SHA-1: 129ea3828e7e8fcfd362d6d3501086a5e44f8cac
SHA-256: 2ff5da02ac1dedce2eb0b55f98fcff0e42a7d65567271c63e66d26aef56e3ade
Release notes
This release addresses an access bypass security issue, DRUPAL-SA-2008-025, that would cause nodes to lose simple_access data under certain conditions. Sites should beware that nodes they thought were private might have been made public, especially if using other contributed modules.
Other changes since 5.x-1.2-2:
- Fix up issue with node_access not being written
- Fix issue with simple_access_user realm not being created and not letting default from being taken over when no access is being created.
- Fix bug where if the node is owned by user 0 everyone is given access. See #221277
