drupal.org - セキュリティアップデート
montharchive 6.x-3.3
Last updated: March 10, 2010 - 04:15View usage statistics for this release Download Size md5 hash montharchive-6.x-3.3.tar.gz 16.79 KB 713ca7bf87f36b572f9dbd318db6ba98 Official release from CVS tag: DRUPAL-6--3-3
Last updated: March 10, 2010 - 04:15View usage statistics for this release
Adding access checks, correcting typo (#sufffix rather than #suffix in the config forms). Mangled parentheses prevented the author archives by node type from showing up everywhere they should.
montharchive 6.x-2.7
Last updated: March 10, 2010 - 04:10View usage statistics for this release Download Size md5 hash montharchive-6.x-2.7.tar.gz 15.26 KB 8905830b3a3ae1668a3e25f13efdc3f9 Official release from CVS tag: DRUPAL-6--2-7
Last updated: March 10, 2010 - 04:10View usage statistics for this release
Adding access checks, correcting typo (#sufffix rather than #suffix in the config forms).
You may wan to upgrade to 6.x-3.x, though.
montharchive 6.x-1.4
Last updated: March 10, 2010 - 04:10View usage statistics for this release Download Size md5 hash montharchive-6.x-1.4.tar.gz 12.99 KB a206fbc41477c4b100e6cb551f0acb0e Official release from CVS tag: DRUPAL-6--1-4
Last updated: March 10, 2010 - 04:10View usage statistics for this release
Adding access check.
tinymce 5.x-1.11
Last updated: March 9, 2010 - 15:00View usage statistics for this release Download Size md5 hash tinymce-5.x-1.11.tar.gz 44.22 KB 2feb133ea0d85d655a686c014c439155 Official release from CVS tag: DRUPAL-5--1-11
Last updated: March 9, 2010 - 15:00View usage statistics for this release
This release fixes a security issue. See SA-CONTRIB-2010-025 - TinyMCE - Cross Site Scripting (XSS) for details.
Drupal 5.22
Last updated: March 4, 2010 - 00:20View usage statistics for this release Download Size md5 hash drupal-5.22.tar.gz 750.15 KB 7119375a3d81b4fa9eef0c62e377b24d Official release from CVS tag: DRUPAL-5-22
Last updated: March 4, 2010 - 00:20View usage statistics for this release
The twenty-second maintenance and security release of the Drupal 5 series. Only fixes for security vulnerabilities and other bugs have been committed. New features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
Drupal 5 will no longer be maintained when Drupal 7 is released. Upgrading to Drupal 6 is recommended.
workflow 6.x-1.4
Last updated: March 3, 2010 - 18:40View usage statistics for this release Download Size md5 hash workflow-6.x-1.4.tar.gz 56.06 KB c919d08096fd8bbe7e4c8590bd369af8 Official release from CVS tag: DRUPAL-6--1-4
Last updated: March 3, 2010 - 18:40View usage statistics for this release
Changes since DRUPAL-6--1-3:
workflow 5.x-2.6
Last updated: March 3, 2010 - 18:40View usage statistics for this release Download Size md5 hash workflow-5.x-2.6.tar.gz 42.25 KB 8f596054ab1bd52b25d00e857900dd0d Official release from CVS tag: DRUPAL-5--2-6
Last updated: March 3, 2010 - 18:40View usage statistics for this release
Fix for SA-CONTRIB-2010-023, improper filtering of [workflow-current-state-log-entry] token.
i18n 6.x-1.3
Last updated: March 3, 2010 - 17:55View usage statistics for this release Download Size md5 hash i18n-6.x-1.3.tar.gz 123.21 KB dd608d3adcafd0bd3a894466f39753b0 Official release from CVS tag: DRUPAL-6--1-3
Last updated: March 3, 2010 - 17:55View usage statistics for this release
Security Update and bug fixes:
- Reworked i18nstrings API.
- Fixed: Multiple issues with file synchronization, new files, other modules, #363065
- Usability: Added proper validation to vocabulary form, by andrewlevine #577066
- Fixed: Translated primary and secondary links appear even if they are disabled, by yrocq #631388
- Reworked i18nstrings API using proper namespaces, kept tt() for compatibility
- Added: New plugin for views translation, by nedjo, joostvdl, #360024
i18n 5.x-2.6
Last updated: March 3, 2010 - 17:50View usage statistics for this release Download Size md5 hash i18n-5.x-2.6.tar.gz 89.49 KB 970e914ee35489b8104e2d1a6ed8bc6d Official release from CVS tag: DRUPAL-5--2-6
Last updated: March 3, 2010 - 17:50View usage statistics for this release
Security update. Removed i18nviews module.
addthis 5.x-2.2
Last updated: March 3, 2010 - 17:45View usage statistics for this release Download Size md5 hash addthis-5.x-2.2.tar.gz 8.21 KB 054b56e88a1f97085ad05a0d428bd445 Official release from CVS tag: DRUPAL-5--2-2
Last updated: March 3, 2010 - 17:45View usage statistics for this release
Security fix SA-CONTRIB-2010-021 http://drupal.org/node/731568
addthis 6.x-2.9
Last updated: March 3, 2010 - 17:45View usage statistics for this release Download Size md5 hash addthis-6.x-2.9.tar.gz 11.26 KB 3667c985def78990264e22f2c794123f Official release from CVS tag: DRUPAL-6--2-9
Last updated: March 3, 2010 - 17:45View usage statistics for this release
Security fix SA-CONTRIB-2010-021 http://drupal.org/node/731568
etracker 6.x-1.2
Last updated: March 3, 2010 - 06:20View usage statistics for this release Download Size md5 hash etracker-6.x-1.2.tar.gz 11.25 KB 07034552c2630d8654748bc2547c9640 Official release from CVS tag: DRUPAL-6--1-2
Last updated: March 3, 2010 - 06:20View usage statistics for this release
Fixed a cross site scripting vulnerability in the 6.x-1.1 release.
SA-CONTRIB-2010-024 - http://drupal.org/node/731682
ife 6.x-1.1-beta2
Last updated: March 2, 2010 - 23:05View usage statistics for this release Download Size md5 hash ife-6.x-1.1-beta2.tar.gz 10.95 KB 1c35dc5035e5ce342ce1331d7b7a6dc5 Official release from CVS tag: DRUPAL-6--1-1-BETA2
Last updated: March 2, 2010 - 23:05View usage statistics for this release
Fixed #728942: ife_general_message variable is sanitized twice at admin/settings/ife by Boobaa: ife_general_message variable is sanitized twice at admin/settings/ife
Fixed by stijndm: removed check_plain to allow HTML on general messages
Fixed by stijndm: syncing with github code to remove old code references. Related to issue #730352: form_id_load is undefined?.
Fixed by boobaa: security issue introduced by previous commit related to issue #728942: ife_general_message variable is sanitized twice at admin/settings/ife
Added by stijndm: added support for multilingual variables. Related to issue #728934: Use system_settings_form() to display admin/settings/ife form
facebook_status 6.x-2.1
Last updated: February 24, 2010 - 22:00View usage statistics for this release Download Size md5 hash facebook_status-6.x-2.1.tar.gz 49.57 KB e504c299bc10f1620468d39e6180c580 Official release from CVS tag: DRUPAL-6--2-1
Last updated: February 24, 2010 - 22:00View usage statistics for this release
This release is the first stable release to work with the Facebook-style Statuses Comments module, which allows commenting on statuses.
Users upgrading from 5.x should first upgrade to FBSS 6.1 before moving to 6.2.
Upgrade Notes- Everyone should run update.php after upgrading to this release.
- New settings related to new features have been added. You should review your settings after upgrading, and also check out the documentation.
Bolded changes add or remove settings or major features. These changes could affect the way your site uses Facebook-style Statuses. Emphasized changes indicate less important changes that may offer new opportunities for your site should you actively choose to take advantage of them. Developers should pay attention to underlined changes.
#634784 Added a killswitch to use a non-UTF8 version of FBSST tag matching for people without UTF8 support in PCRE
Temporarily removed support for hyphens in tags in FBSST because Views doesn't support them
Share-status page now can show a view of latest statuses as well
Fixed Poster name always shows up as link to profile in Views
week 6.x-2.7
Last updated: February 24, 2010 - 01:30View usage statistics for this release Download Size md5 hash week-6.x-2.7.tar.gz 12.85 KB 5716f1b672de0438c7f02d7397008e86 Official release from CVS tag: DRUPAL-6--2-7
Last updated: February 24, 2010 - 01:30View usage statistics for this release
Adding access check to week_post_page().
realname_userreference 6.x-1.1
Last updated: February 17, 2010 - 10:30View usage statistics for this release Download Size md5 hash realname_userreference-6.x-1.1.tar.gz 11.48 KB 82195cc8228a40a41392b984b7ed4783 Official release from CVS tag: DRUPAL-6--1-1
Last updated: February 17, 2010 - 10:30View usage statistics for this release
#716794: Permission of the autocomplete callback path fixed.
content_distribution 6.x-1.3
Last updated: February 16, 2010 - 23:10View usage statistics for this release Download Size md5 hash content_distribution-6.x-1.3.tar.gz 25.08 KB 9078702b4a93998192ddbf471fdce3a8 Official release from CVS tag: DRUPAL-6--1-3
Last updated: February 16, 2010 - 23:10View usage statistics for this release
SA-CONTRIB-2010-018 - Content Distribution - Multiple Vulnerabilities - http://drupal.org/node/717556
Other bug fixes:
- #714794: Warn user on node editing by joachim: Fixed lack of user warning about clobbering on editing a retrieved node.
- #710500: work around CCK bug with field node types by joachim: Fixed use of unreliable CCK type_name.
- #710420: filefield path settings not respected by joachim: Fixed filefield path settings not being respected.
- #707964: wrong parameters in form handlers by joachim: Fixed wrong parameters in form handlers.
- by joachim: Cleaned up user switching.
- #709694: gaps and surplus in info file dependencies by joachim: Fixed info file dependencies.
- #663798: mystery ticky box? by joachim: Fixed date reset option insisting on a date.
- #708400: surplus Views API hook by joachim: Removed surplus implementation of views hook.
- #708092: move default views to separate file by joachim: Moved hook_views_default_views() to separate file.
- #676254: All kinds of broken watchdog() calls in content_retriever.module by brianV: Fixed parameters and erroneous t() in watchdog calls.
- #663604: domain part of hash doesn't include port; module broken on localhosts that don't use port 80 by joachim: Fixed domain part of hash missing port when not 80.
- #709072: improve distributor_service info description and file doc headers by joachim: Changed distributor_service info description and file doc headers.
Code cleanup:
- #708986: fold in system.connect by joachim: Changed content_retriever_xmlrpc() to handle connect and login methods.
- #708472: refactor content_retriever_xmlrpc() by joachim: Refactored content_retriever_xmlrpc().
- #662624: code style cleanup (part 3) by joachim: Fixed code style issues.
webform_report 6.x-1.9
Last updated: February 12, 2010 - 02:05View usage statistics for this release Download Size md5 hash webform_report-6.x-1.9.tar.gz 15.16 KB 33ede3ba51042851121035c2d16aa167 Official release from CVS tag: DRUPAL-6--1-9
Last updated: February 12, 2010 - 02:05View usage statistics for this release
Fixes security vulnerabilities as noted in SA-CONTRIB-2009-050 - Webform report - Cross site scripting.
webform_report 5.x-2.4
Last updated: February 12, 2010 - 02:00View usage statistics for this release Download Size md5 hash webform_report-5.x-2.4.tar.gz 14.23 KB b83a390d2024b3512c829f7e7eb5cb94 Official release from CVS tag: DRUPAL-5--2-4
Last updated: February 12, 2010 - 02:00View usage statistics for this release
Fixes security vulnerabilities as noted in SA-CONTRIB-2009-050 - Webform report - Cross site scripting
itweak_upload 6.x-2.3
Last updated: February 11, 2010 - 05:10View usage statistics for this release Download Size md5 hash itweak_upload-6.x-2.3.tar.gz 97.71 KB 7f6e051480c90bc7521da4b4f87f8dfe Official release from CVS tag: DRUPAL-6--2-3
Last updated: February 11, 2010 - 05:10View usage statistics for this release
SA-CONTRIB-2010-017 by iva2k: remove XSS vulnerability in file names
