[SECURITY] Fedora EPEL 6 Update: drupal7-feeds-2.0-0.12.alpha9.el6
updates at fedoraproject.org
updates at fedoraproject.org
Mon Jul 20 19:48:10 UTC 2015
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2015-7007
2015-07-01 13:59:37
--------------------------------------------------------------------------------
Name : drupal7-feeds
Product : Fedora EPEL 6
Version : 2.0
Release : 0.12.alpha9.el6
URL : http://drupal.org/project/feeds
Summary : Aggregates RSS/Atom/RDF feeds, imports CSV files and more
Description :
Import or aggregate data as nodes, users, taxonomy terms or simple database
records.
This package provides the following Drupal modules:
* feeds
* feeds_import
* feeds_news (requires drupal7-features and drupal7-views)
* feeds_ui
--------------------------------------------------------------------------------
Update Information:
## 7.x-2.0-alpha9
**This is a security release. People running 7.x-2.0-alpha8 or below should update. This release only contains security fixes, no additional bug fixes or features.**
Changes since 7.x-2.0-alpha8:
* Issue #2495145 by twistor, cashwilliams, greggles, klausi: Possible XSS in PuSHSubscriber.inc
* Issue #2502419 by klausi: Log messages XSS attack vector
* Issue #1848498 by twistor: Respect allowed file extensions in file mapper
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1232973 - drupal7-feeds-2.0-alpha9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1232973
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update drupal7-feeds' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the epel-package-announce
mailing list