Login
Newsletter
Werbung

Sicherheit: Mangelnde Rechteprüfung in drupal6-emfield
Aktuelle Meldungen Distributionen
Name: Mangelnde Rechteprüfung in drupal6-emfield
ID: FEDORA-2016-592f23fb74
Distribution: Fedora
Plattformen: Fedora 23
Datum: So, 20. März 2016, 07:34
Referenzen: Keine Angabe
Applikationen: drupal6-emfield

Originalnachricht

Name        : drupal6-emfield
Product : Fedora 23
Version : 2.7
Release : 1.fc23
URL : http://drupal.org/project/emfield
Summary : An engine for modules to integrate various 3rd party media
content providers
Description :
This extensible module will create fields for content types that can be used to
display video, image, and audio files from various third party providers. When
entering the content, the user will simply paste the URL or embed code from the
third party, and the module will automatically determine which content provider
is being used. When displaying the content, the proper embedding format will be
used.

The module is only an engine, and requires a supported module to function.
These
include 'Embedded Image Field', 'Embedded Video Field' and
'Embedded Audio
Field'. These modules are included in the contrib folder of the module, so
they
can be easily activated from the module administration page.

Please note: As of emfield 2.x, provider files for these modules are no longer
included with the main emfield module, and must be downloaded separately.

This package provides the following Drupal modules:
* emaudio
* embonus
* emfield
* emimage
* eminline
* emthumb
* emvideo
* emwave

-------------------------------------------------------------------------------
-
Update Information:

### 6.x-2.7 Fixes [Embedded Media Field - Moderately Critical - Access Bypass
-
DRUPAL-SA-CONTRIB-2016-004](https://www.drupal.org/node/2666446) #### Changes
since 6.x-2.6: * by dalin: Ensure that width and height are always numbers. *
\#1868588 by tangent: URL detection regex does not match hyphens / breaks HTML
markup
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1306475 - drupal6-emfield-2.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1306475
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update drupal6-emfield' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung