summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGábor Hojtsy2009-12-16 20:47:10 +0000
committerGábor Hojtsy2009-12-16 20:47:10 +0000
commit23bda276dc19dd3b3d17174b808020ae820879c7 (patch)
tree3790d869c27da5c67994cd14b0acf449f4e4c948
parent8d634807273bd12c77a8d7923a861a6dcec39456 (diff)
Drupal 6.156.15
-rw-r--r--CHANGELOG.txt13
-rw-r--r--includes/common.inc2
-rw-r--r--modules/contact/contact.admin.inc2
-rw-r--r--modules/menu/menu.admin.inc1
-rw-r--r--modules/system/system.module2
5 files changed, 14 insertions, 6 deletions
diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index fe1de74..ca3abe1 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,7 +1,9 @@
// $Id$
-Drupal 6.15-dev, xxxx-xx-xx (development release)
+Drupal 6.15, 2009-12-16
----------------------
+- Fixed security issues (Cross site scripting), see SA-CORE-2009-009.
+- Fixed a variety of other bugs.
Drupal 6.14, 2009-09-16
----------------------
@@ -92,7 +94,7 @@ Drupal 6.3, 2008-07-09
- Fixed Views compatibility issues (Views for Drupal 6 requires Drupal 6.3+).
- Fixed a variety of small bugs.
-Drupal 6.2, 2008-04-09
+Drupal 6.2, 2008-04-09
----------------------
- Fixed a variety of small bugs.
- Fixed a security issue (Access bypasses), see SA-2008-026.
@@ -204,6 +206,11 @@ Drupal 6.0, 2008-02-13
- Removed old system updates. Updates from Drupal versions prior to 5.x will
require upgrading to 5.x before upgrading to 6.x.
+Drupal 5.21, 2009-12-16
+-----------------------
+- Fixed a security issue (Cross site scripting), see SA-CORE-2009-009.
+- Fixed a variety of small bugs.
+
Drupal 5.20, 2009-09-16
-----------------------
- Avoid security problems resulting from writing Drupal 6-style menu declarations.
@@ -245,7 +252,7 @@ Drupal 5.13, 2008-12-10
-----------------------
- fixed a variety of small bugs.
- fixed security issues, (Cross site request forgery and Cross site scripting), see SA-2008-073
-- updated robots.txt and .htaccess to match current file use.
+- updated robots.txt and .htaccess to match current file use.
Drupal 5.12, 2008-10-22
-----------------------
diff --git a/includes/common.inc b/includes/common.inc
index f72a826..5267279 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -617,7 +617,7 @@ function drupal_error_handler($errno, $message, $filename, $line, $context) {
return;
}
- if ($errno & (E_ALL ^ E_DEPRECATED)) {
+ if ($errno & (E_ALL ^ E_DEPRECATED ^ E_NOTICE)) {
$types = array(1 => 'error', 2 => 'warning', 4 => 'parse error', 8 => 'notice', 16 => 'core error', 32 => 'core warning', 64 => 'compile error', 128 => 'compile warning', 256 => 'user error', 512 => 'user warning', 1024 => 'user notice', 2048 => 'strict warning', 4096 => 'recoverable fatal error');
// For database errors, we want the line number/file name of the place that
diff --git a/modules/contact/contact.admin.inc b/modules/contact/contact.admin.inc
index 38360d4..e83afa4 100644
--- a/modules/contact/contact.admin.inc
+++ b/modules/contact/contact.admin.inc
@@ -13,7 +13,7 @@ function contact_admin_categories() {
$result = db_query('SELECT cid, category, recipients, selected FROM {contact} ORDER BY weight, category');
$rows = array();
while ($category = db_fetch_object($result)) {
- $rows[] = array($category->category, $category->recipients, ($category->selected ? t('Yes') : t('No')), l(t('edit'), 'admin/build/contact/edit/'. $category->cid), l(t('delete'), 'admin/build/contact/delete/'. $category->cid));
+ $rows[] = array(check_plain($category->category), check_plain($category->recipients), ($category->selected ? t('Yes') : t('No')), l(t('edit'), 'admin/build/contact/edit/'. $category->cid), l(t('delete'), 'admin/build/contact/delete/'. $category->cid));
}
$header = array(t('Category'), t('Recipients'), t('Selected'), array('data' => t('Operations'), 'colspan' => 2));
diff --git a/modules/menu/menu.admin.inc b/modules/menu/menu.admin.inc
index aeed0ba..a8e8b49 100644
--- a/modules/menu/menu.admin.inc
+++ b/modules/menu/menu.admin.inc
@@ -15,6 +15,7 @@ function menu_overview_page() {
while ($menu = db_fetch_array($result)) {
$menu['href'] = 'admin/build/menu-customize/'. $menu['menu_name'];
$menu['localized_options'] = array();
+ $menu['description'] = filter_xss_admin($menu['description']);
$content[] = $menu;
}
return theme('admin_block_content', $content);
diff --git a/modules/system/system.module b/modules/system/system.module
index 154ad65..f886d4c 100644
--- a/modules/system/system.module
+++ b/modules/system/system.module
@@ -9,7 +9,7 @@
/**
* The current system version.
*/
-define('VERSION', '6.15-dev');
+define('VERSION', '6.15');
/**
* Core API compatibility.