Tag Archives: release notes

Drupal 7.22 release notes

Maintenance release of the Drupal 7 series. Includes bugfixes and small API/feature improvements only (no major new functionality); significant new features are only being added to the forthcoming Drupal 8.0 release.

No security fixes are included in this release.

Besides documentation fixes, no changes have been made to the robots.txt or default settings.php files in this release, so upgrading custom versions of those files is not necessary. There are two changes to the .htaccess file in this release:

  1. An improvement to the default rewrite rules to help avoid man-in-the-middle attacks on sites which are accessed over HTTP and HTTPS (see #1733476).
  2. A change to the list of file extensions which are blocked by .htaccess, to prevent temporary files created by text editors from being accessed (see #1907704).

Upgrading custom versions of the .htaccess file is recommended.

Read the full release notes…

Fixed in Firefox 3.5.2 (security issues)

We strongly recommend the update to Firefox 3.5.2
Firefox 3.5.2 fixes security issues found in Firefox 3.5.1 (2 Critical, 1 Moderate, 1 Low):

MFSA 2009-46 Chrome privilege escalation due to incorrectly cached wrapper
MFSA 2009-45 Crashes with evidence of memory corruption (rv:1.9.1.2/1.9.0.13)
MFSA 2009-44 Location bar and SSL indicator spoofing via window.open() on invalid URL
MFSA 2009-38 Data corruption with SOCKS5 reply containing DNS name longer than 15 characters

1 Star2 Stars (No Ratings Yet)
Loading...

Fixed in Firefox 3.0.12 (security issues)

We strongly recommend the update to Firefox 3.0.12 or Firefox 3.5.1 .
Firefox 3.0.12 fixes several security issues found in Firefox 3.0.11 (5 Critical, 1 High):

Fixed in Firefox 3.0.12 :

MFSA 2009-40 Multiple cross origin wrapper bypasses
MFSA 2009-39 setTimeout loses XPCNativeWrappers
MFSA 2009-37 Crash and remote code execution using watch and __defineSetter__ on SVG element
MFSA 2009-36 Heap/integer overflows in font glyph rendering libraries
MFSA 2009-35 Crash and remote code execution during Flash player unloading
MFSA 2009-34 Crashes with evidence of memory corruption (rv:1.9.1/1.9.0.12)

1 Star2 Stars (No Ratings Yet)
Loading...