Security update
og_vocab 5.x-1.1
Amitaibu - October 15, 2009 - 07:51
| Download | Size | md5 hash |
|---|---|---|
| og_vocab-5.x-1.1.tar.gz | 11.02 KB | e434454719f96b1e6a8926158a0aa3d1 |
Official release from CVS tag: DRUPAL-5--1-1
Last updated: October 15, 2009 - 07:55
- Sanitize node title before setting it as the page title.
webform 5.x-2.8
quicksketch - October 15, 2009 - 01:37
| Download | Size | md5 hash |
|---|---|---|
| webform-5.x-2.8.tar.gz | 212.98 KB | a3730be80ec05d3ea82f5737e1e697bc |
Official release from CVS tag: DRUPAL-5--2-8
Last updated: October 15, 2009 - 01:41
This version of Webform addresses two security issues found since the 2.7 release.
- Anonymous user data may be shown to other anonymous users when the page cache is enabled.
- Unsafe markup was allowed in textfield components' prefix and suffix values.
webform 6.x-2.8
quicksketch - October 15, 2009 - 01:35
| Download | Size | md5 hash |
|---|---|---|
| webform-6.x-2.8.tar.gz | 259.7 KB | c908306a1ef0ee6d9294f7877775b175 |
Official release from CVS tag: DRUPAL-6--2-8
Last updated: October 15, 2009 - 01:41
This version of Webform addresses two security issues found since the 2.7 release.
- Anonymous user data may be shown to other anonymous users when the page cache is enabled.
- Unsafe markup was allowed in textfield components' prefix and suffix values.
print 6.x-1.9
jcnventura - October 14, 2009 - 23:00
| Download | Size | md5 hash |
|---|---|---|
| print-6.x-1.9.tar.gz | 159.19 KB | 9736c86a05db35de7e31d60ba3c7c21e |
Official release from CVS tag: DRUPAL-6--1-9
Last updated: October 14, 2009 - 23:05
Changes since DRUPAL-6--1-8:
- SA-CONTRIB-2009-073: remove XSS vulnerability in PF URLs list and unathorized access to node titles
- Fix #554940: escape mysql query string
- Fix #566138: add setting to close the window when both the new window and send to printer are enabled
- Fix #572848 by aether: Use theme_username() for print_mail_form defaults
- Fix #582104: look for PDF libraries in sites/all/libraries
- Fix #582360: don't complain about missing e-mail addresses when there's a blank line at the end
- Fix #578990: enable tokens in the wkhtmltopdf options string
- Fix #552882: register dompdf's autoload function to prevent fatal errors
- Fix #599840: use the real page path and not the current URL when determining link visibility
- Fix #521776: support wkhtmltopdf in Windows
print 5.x-4.9
jcnventura - October 14, 2009 - 22:59
| Download | Size | md5 hash |
|---|---|---|
| print-5.x-4.9.tar.gz | 161.59 KB | b0214dbac239ca76c51a3aac16237d0a |
Official release from CVS tag: DRUPAL-5--4-9
Last updated: October 14, 2009 - 23:01
Changes since DRUPAL-5--4-8:
- SA-CONTRIB-2009-073: remove XSS vulnerability in PF URLs list and unathorized access to node titles
- Fix #554940: escape mysql query string
- Fix #566138: add setting to close the window when both the new window and send to printer are enabled
- Fix #572848 by aether: Use theme_username() for print_mail_form defaults
- Fix #582104: look for PDF libraries in sites/all/libraries
- Fix #582360: don't complain about missing e-mail addresses when there's a blank line at the end
- Fix #578990: enable tokens in the wkhtmltopdf options string
- Fix #552882: register dompdf's autoload function to prevent fatal errors
- Fix #597922: remove warning for missing argument in print_mail_form()
- Fix #599840: use the real page path and not the current URL when determining link visibility
- Fix #602286: check text string management permissions using Drupal 5 syntax
- Fix #521776: support wkhtmltopdf in Windows
og_vocab 6.x-1.0
Amitaibu - October 14, 2009 - 15:14
| Download | Size | md5 hash |
|---|---|---|
| og_vocab-6.x-1.0.tar.gz | 15 KB | 6cdb6e93863e906861e096c413a72702 |
Official release from CVS tag: DRUPAL-6--1-0
Last updated: October 14, 2009 - 15:16
- Security fix.
- Rules module integration.
