The Views 6.x-2.9 has a Postgres problem with an upgrade function that could cause data loss. see: #765352: PostgreSQL 8.2.7 upgrade of views_display failed All users, but especially Postgres users are encouraged to wait for a forthcoming 6.x-2.10 release.
Additional serious issues have been noted such as #765296: advanced_render() error when viewing "Year" view on calendar.
The attached patch fixes the security vulnerabilities in Views 6.x-2.8. You must force a menu rebuild (for example by hitting the 'Clear cached data' button on the page at ?q=admin/settings/performance) in order for this patch to fully take effect.
If you need information on applying patches see: http://drupal.org/patch/apply
The original security advisory is: SA-CONTRIB-2010-036
Views 6.x-2.10 release should fix many of these issues.
| Attachment | Size |
|---|---|
| SA-CONTRIB-2010-036-views-6.x-2.8.patch | 3.9 KB |
