mailhandler 6.x-1.4

Release notes

This release fixes a security issue. See SA-2008-050 - Mailhandler - SQL Injection for details.

Edit (z.stolar, 18/9/2008):
This release contains a minor, harmless bug, during installation. Please use This patch until a new 6.x version is available.

Download Size md5 hash
mailhandler-6.x-1.4.tar.gz 21.04 KB b42ad3659e7e588c5b5336772aa0c624
mailhandler-6.x-1.4.zip 23.93 KB b4171c40680d4a8cb19c9ca60b146a43
Last updated: December 24, 2010 - 23:19
Official release from tag: 
6.x-1.4

talk 5.x-1.3

Release notes

Bugfix release that fixes two security issues. See SA-2008-049 - Talk - Multiple vulnerabilities for details.

Download Size md5 hash
talk-5.x-1.3.tar.gz 7.97 KB f490e7d7849aa200a549cb0531904a4e
talk-5.x-1.3.zip 8.6 KB 23d50fc032a2bdca370927d36a33e054
Last updated: December 24, 2010 - 23:53
Official release from tag: 
5.x-1.3

talk 6.x-1.5

Release notes

Bugfix release that fixes two security issues. See SA-2008-049 - Talk - Multiple vulnerabilities for details.

Download Size md5 hash
talk-6.x-1.5.tar.gz 9.49 KB dd20448a66fc611288f61456b4db25b4
talk-6.x-1.5.zip 11.95 KB 187eab0e4c564d6de26c76012d462638
Last updated: December 24, 2010 - 23:53
Official release from tag: 
6.x-1.5

cck 5.x-1.9

Release notes

5--1.9
======

Hotfix release for 5.x-1.8.
- Fix array_merge() warning on upgrade (harmless).
- Fix parse error in nodereference.module.

5--1.8
======

The 1.8 release fixes two critical bugs :

- #292872 Data loss issue : fields and field data deleted for content types defined by disabled modules.
IMPORTANT: Since disabling all contrib modules is a recommended step prior to upgrading a D5 site to D6,
it is highly advised that D5 sites using CCK are updated to CCK 5.x-1.8 before starting the D6 upgrade process.

- #271577 Security issue (moderate): unsanitized output for some admin-defined content
('administer content' permission was required to exploit the security hole)
IMPORTANT: If your theme uses field templates, you will need to manually change this line in your theme's template.php :
function phptemplate_field() : [or possibly THEME_NAME_field()]
change:
'label' => t($field['widget']['label']),
to:
'label' => check_plain(t($field['widget']['label'])),
See SA-2008-048 : http://drupal.org/node/304093

Other notable fix :

- Content Copy: Fix multiple bugs when importing/exporting content types :
exporting field definition can alter the actual field's settings
'this post cannot be referenced' error when exporting nodereference fields
no export of default values

This release requires a visit to update.php

Other changes :

Download Size md5 hash
cck-5.x-1.9.tar.gz 136.03 KB 1a800ed33ad4420879d941e65e07dc2b
cck-5.x-1.9.zip 171.37 KB 7118c7708ae61f41eeb92f19fbe5dcd0
Last updated: December 24, 2010 - 22:18
Official release from tag: 
5.x-1.9

cck 5.x-1.8

Release notes

This release is broken - use CCK 5.x-1.9 instead.

Download Size md5 hash
cck-5.x-1.8.tar.gz 135.96 KB 33ff270929d7884cded55b96bdd69b65
cck-5.x-1.8.zip 171.32 KB 0af959d8087c63b1450d47d5ee17289b
Last updated: December 24, 2010 - 22:18
Official release from tag: 
5.x-1.8

mailsave 5.x-3.3

Release notes

This release fixes a vulnerability to mimetype spoofing that could be used in malicious posts. See SA-2008-051 - Mailsave - Cross site scripting for details.

Users should upgrade to Drupal 5.10 and this release of mailsave to guard against this issue.

Download Size md5 hash
mailsave-5.x-3.3.tar.gz 24.78 KB b1bc8ea0166831e034f2447dcaedcb6c
mailsave-5.x-3.3.zip 45.64 KB 37eac3b5bcec80c982392ce94736efb9
Last updated: December 24, 2010 - 23:19
Official release from tag: 
5.x-3.3

Pages

Subscribe with RSS Subscribe to RSS - Security update