Fedora 21: 2015-2849 Critical: XSS in Drupal 7 Entity Update
fedora
March 31, 2015
## 7.x-1.6 See [SA-CONTRIB-2015-053 - Entity API - Cross Site Scripting (XSS)](https://) Changes since 7.x-1.5: - by klausi: Sanitize field labels before passing them to the Token ...
Summary
This module extends the entity API of Drupal core in order to provide a unified
way to deal with entities and their properties. Additionally, it provides an
entity CRUD controller, which helps simplifying the creation of new entity
types.
This package provides the following Drupal modules:
* entity
* entity_token
Update Information:
## 7.x-1.6
See [SA-CONTRIB-2015-053 - Entity API - Cross Site Scripting (XSS)](https://)
Changes since 7.x-1.5:
- by klausi: Sanitize field labels before passing them to the Tok...
Read the Full Advisory
Change Log
* Fri Feb 27 2015 Shawn Iwinski
References
[ 1 ] Bug #1196750 - drupal7-entity-1.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1196750
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update drupal7-entity' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: drupal7-entity
Product: Fedora 21
Version: 1.6
Release: 1.fc21
URL: https://
Summary: Extends the entity API to provide a unified way to deal with entities
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!