Downloads

Download tar.gz 55.6 KB
MD5: 432cfa77498cc37d325c3c1174c1cae1
SHA-1: 44050d457f300f8830a1776c6b5b2c4dc02fb1f0
SHA-256: f1f9300a8284ed93cbcc887cb2247854b401cad16f38471697194e99b60d44f6
Download zip 69.43 KB
MD5: 95fec8f468ab371f01d94ff0266f2685
SHA-1: a847faf94248715956ede4b2aa0116b64ec771fd
SHA-256: d887282c23c2c9e8ff309b41dc50171ff1cfc983071b8800ee2fbad0aa060bcd

Release notes

Fixes SA-2008-043 - Outline designer - Privilege escalation.

here was a security hole that could potentially either corrupt a session or switch a user from one account to another (including the super user).

This was caused by a missing = sign. Hole was identified in two issue reports:

http://drupal.org/node/275225

http://drupal.org/node/275550

UPDATING THIS MODULE IS CRITICAL

Created by: btopro
Created on: 2 Jul 2008 at 19:55 UTC
Last updated: 2 Jul 2008 at 20:57 UTC
Git tag 5.x-1.4
Security update
Unsupported

Other releases