Sicherheit: Cross-Site Scripting in drupal7-entity
Aktuelle Meldungen Distributionen
Name: Cross-Site Scripting in drupal7-entity
ID: FEDORA-2015-2783
Distribution: Fedora
Plattformen: Fedora 22
Datum: Mi, 1. April 2015, 06:25
Referenzen: https://www.drupal.org/node/2437905
Applikationen: drupal7-entity


Name        : drupal7-entity
Product : Fedora 22
Version : 1.6
Release : 1.fc22
URL : http://drupal.org/project/entity
Summary : Extends the entity API to provide a unified way to deal with
Description :
This module extends the entity API of Drupal core in order to provide a unified
way to deal with entities and their properties. Additionally, it provides an
entity CRUD controller, which helps simplifying the creation of new entity

This package provides the following Drupal modules:
* entity
* entity_token

Update Information:

## 7.x-1.6

See [SA-CONTRIB-2015-053 - Entity API - Cross Site Scripting (XSS)](https://www.drupal.org/node/2437905)

Changes since 7.x-1.5:

- by klausi: Sanitize field labels before passing them to the Token API.
- Issue #2264079 by Amitaibu, fago: Fixed $wrapper->access() might be wrong
for single entity reference field.
- Issue #2039601 by DuaelFr, fago: Added Ease EntityMetadataWrapper usage with
a getter.
- Issue #2160355 by wodenx, gmercer, fgm, jgullstr: Fixed Trying to get
property of non-object in entity_metadata_user_access().
- Issue #1651824 by meatsack | joachim: Fixed 'entity_test' table has
incorrect declaration of foreign keys.
- Issue #2309697 by kristiaanvandeneynde; joachim: Fixed variable mistake in
- Issue #2003826 by greenmother, stella, jazzdrive3, fago: Fixed
template_preprocess_entity does not check for existing 'path' index.
- Issue #1104286: Support generating database schema for date properties.
- Issue #2013473 by fietserwin: Title attribute of image field not listed as
possible token.

[ 1 ] Bug #1196750 - drupal7-entity-1.6 is available

This update can be installed with the "yum" update program. Use
su -c 'yum update drupal7-entity' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list
Pro-Linux @Facebook
Neue Nachrichten