This is release 8.x-1.27 of the Search API module for Drupal 9/10. It contains a bug fix for a security issue and should be installed as soon as possible.
Fixes Search API - Moderately critical - Information Disclosure - SA-CONTRIB-2022-059
Other changes included in this release:
This is a security release of the Drupal 9 series.
This release fixes security vulnerabilities. Sites are urged to update immediately after reading the notes below and the security announcement:
No other fixes are included.
This is a security release of the Drupal 9 series.
This release fixes security vulnerabilities. Sites are urged to update immediately after reading the notes below and the security announcement:
No other fixes are included.
This module enables you to utilize S3-compatible storage as a Drupal filesystem.
The module doesn't sufficiently prevent file access across multiple filesystem schemes stored in the same bucket.
This vulnerability is mitigated by the fact that an attacker must obtain a method to access arbitrary file paths, the site must have public or private takeover enabled, and the file metadata cache must be ignored.
This module allows you to render media entity in a block.
The module did not sufficiently check the view access permission of media entities if they are rendered from within the block.
Media Library Block - Moderately critical - Information Disclosure - SA-CONTRIB-2023-003.
Fixes SA-CONTRIB-2022-054.
See the upgrade guide at https://next-drupal.org/docs/upgrade-guide.
Resolves SA-CONTRIB-2022-053.
[#2804981] by lwalley: Request and response logged to watchdog even if setting is 0