New in 7.x-3.0-beta24:
Resolves SA-CONTRIB-2024-001.
New in 7.x-3.0-beta23:
PHP 8.2 compatibility fix.
[#3175010]
[#3327337]
New in 7.x-3.0-beta22:
Improved support for PHP 8.1
[#3267961]
New in 7.x-3.0-beta21:
[#2097261]
[#3185959]
[#3200891]
[#3253162]
New in 7.x-3.0-beta19:
PHP 8.0 compatibility
[#3208277]
New in 7.x-3.0-beta18:
Fix for minor bug
[#3227285]
New in 7.x-3.0-beta17:
[#2993186]
New in 7.x-2.38:
Resolves SA-CONTRIB-2024-001.
New in 7.x-2.37:
PHP 8.2 compatibility fix.
[#3175010]
[#3327337]
New in 7.x-2.36:
PHP 8.1 compatibility fix
[#3267961]
New in 7.x-2.35:
[#2097261]
[#3185959]
[#3200891]
New in 7.x-2.34:
PHP 8.0 compatibility regression fix
[#3253162]
New in 7.x-2.33:
PHP 8.0 compatibility
[#3208277]
New in 7.x-2.32:
Fix for minor bug
[#3227285]
skip 7.x-2.31 (oops tag)
Update the third party libraries. Fixes Data Visualisation Framework - Moderately critical - Cross Site Scripting - SA-CONTRIB-2023-055
See Xsendfile - Moderately critical - Access bypass - SA-CONTRIB-2023-053.
This release brings XsendfileImageStyleDownloadController and XsendfileFileDownloadController in line with core controllers.
This module replaces ImageStyleDownloadController and FileDownloadController with its own implementations. Versions of Xsendfile previous to this one (8.x-1.2) don't include the fix for SA-CORE-2023-005.
Made sure we fail gracefully when the right commerce order cannot be found on redirect.
Mollie for Drupal - Moderately critical - Faulty payment confirmation logic - SA-CONTRIB-2023-052
Security release of GraphQL fixing a CSRF vulnerability and an access bypass in entity label handling, see:
We recommend the following additional security measures:
Security release of GraphQL fixing a CSRF vulnerability and an access bypass in entity label handling, see:
We recommend the following additional security measures:
See also Paragraphs admin - Moderately critical - - SA-CONTRIB-2023-049.