Title says it all. Currently seems to be using a commit locked dev release of it. Might as well continue that with a new commit locked dev release with the security issue fixed ;)

Marking this as a bug report as technically openpublish is a security vulnerability being version locked before the fix.

Patch to come in following comment to allow me to name the patch file correctly.

Comments

techninja’s picture

StatusFileSize
new564 bytes

Tada!

josephcheek’s picture

Title: Upgrade Entity API to add fix for SA-CONTRIB-2013-068 » Upgrade Entity API to add fix for security issues
Issue summary: View changes
Status: Active » Needs review
StatusFileSize
new584 bytes

entity has had more security issues. The following updates it to the latest, 7.x-1.6.

devdokimov’s picture

My patch includes the fix for this issue. And some more security updates.