Fedora 20: drupal7-entity Security Update

    Date31 Mar 2015
    CategoryFedora
    44
    Posted ByLinuxSecurity Advisories
    ## 7.x-1.6 See [SA-CONTRIB-2015-053 - Entity API - Cross Site Scripting (XSS)](https://www.drupal.org/node/2437905) Changes since 7.x-1.5: - by klausi: Sanitize field labels before passing them to the Token API. - Issue #2264079 by Amitaibu, fago: Fixed $wrapper->access() might be wrong for single entity reference field.
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2015-2826
    2015-02-28 06:50:15
    --------------------------------------------------------------------------------
    
    Name        : drupal7-entity
    Product     : Fedora 20
    Version     : 1.6
    Release     : 1.fc20
    URL         : http://drupal.org/project/entity
    Summary     : Extends the entity API to provide a unified way to deal with entities
    Description :
    This module extends the entity API of Drupal core in order to provide a unified
    way to deal with entities and their properties. Additionally, it provides an
    entity CRUD controller, which helps simplifying the creation of new entity
    types.
    
    This package provides the following Drupal modules:
    * entity
    * entity_token
    
    --------------------------------------------------------------------------------
    Update Information:
    
    ## 7.x-1.6
    
    See [SA-CONTRIB-2015-053 - Entity API - Cross Site Scripting (XSS)](https://www.drupal.org/node/2437905)
    
    Changes since 7.x-1.5:
    
    - by klausi: Sanitize field labels before passing them to the Token API.
    - Issue #2264079 by Amitaibu, fago: Fixed $wrapper->access() might be wrong for single entity reference field.
    - Issue #2039601 by DuaelFr, fago: Added Ease EntityMetadataWrapper usage with a getter.
    - Issue #2160355 by wodenx, gmercer, fgm, jgullstr: Fixed Trying to get property of non-object in entity_metadata_user_access().
    - Issue #1651824 by meatsack | joachim: Fixed 'entity_test' table has incorrect declaration of foreign keys.
    - Issue #2309697 by kristiaanvandeneynde; joachim: Fixed variable mistake in entity_views_handler_relationship_by_bundle.
    - Issue #2003826 by greenmother, stella, jazzdrive3, fago: Fixed template_preprocess_entity does not check for existing 'path' index.
    - Issue #1104286: Support generating database schema for date properties.
    - Issue #2013473 by fietserwin: Title attribute of image field not listed as possible token.
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Fri Feb 27 2015 Shawn Iwinski  - 1.6-1
    - Updated to 1.6 (BZ #1196750 / SA-CONTRIB-2015-053)
    - Removed RPM README b/c it only explained common Drupal workflow
    - %license usage
    * Sat Jun  7 2014 Fedora Release Engineering  - 1.5-2
    - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
    * Sat May 10 2014 Peter Borsa  - 1.5-1
    - Update to upstream 1.5 release for bug fixes
    - Upstream changelog for this release is available at https://drupal.org/node/2236077
    * Thu Jan  9 2014 Shawn Iwinski  - 1.3-2
    - Added provided modules to description
    * Thu Jan  9 2014 Shawn Iwinski  - 1.3-1
    - Updated to 1.3 (release notes: https://drupal.org/node/2169589) (BZ #1050853)
    - CVE-2014-1398, CVE-2014-1399, CVE-2014-1400 (BZ #1050802, 1050803, 1050804)
    - SA-CONTRIB-2014-001 (https://drupal.org/node/2169595)
    - Spec cleanup
    * Fri Aug 16 2013 Peter Borsa  - 1.2-1
    - Update to upstream 1.2 release for security and bug fixes
    - Upstream changelog for this release is available at https://drupal.org/node/2065197
    - SA-CONTRIB-2013-068 https://drupal.org/node/2065207
    --------------------------------------------------------------------------------
    References:
    
      [ 1 ] Bug #1196750 - drupal7-entity-1.6 is available
            https://bugzilla.redhat.com/show_bug.cgi?id=1196750
    --------------------------------------------------------------------------------
    
    This update can be installed with the "yum" update program.  Use
    su -c 'yum update drupal7-entity' at the command line.
    For more information, refer to "Managing Software with yum",
    available at http://docs.fedoraproject.org/yum/.
    
    All packages are signed with the Fedora Project GPG key.  More details on the
    GPG keys used by the Fedora Project can be found at
    https://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    _______________________________________________
    package-announce mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://admin.fedoraproject.org/mailman/listinfo/package-announce
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"22","type":"x","order":"1","pct":55,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":12.5,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"13","type":"x","order":"3","pct":32.5,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.