Newsletter | Develop Site Webmaster Posicionamiento en buscadores

Lightbox2 - Multiple Vulnerabilities

Published by dev1961 on Thu, 09/23/2010 - 11:49

* Advisory ID: DRUPAL-SA-CONTRIB-2010-095
* Project: Lightbox2 (third-party module)
* Version: 5.x, 6.x
* Date: 2010-September-22
* Security risk: Highly Critical
* Exploitable from: Remote
* Vulnerability: Access Bypass, Cross-Site Scripting

Ubercart sub-modules - Multiple Vulnerabilities

Published by dev1961 on Sat, 08/14/2010 - 16:47

* Advisory ID: DRUPAL-SA-CONTRIB-2010-083
* Project: UC2Checkout, UCPaypal, UC Cart LInks (third-party modules in the
Ubercart Project)
* Version: 5.x, 6.x
* Date: 2010-Aug-11
* Security risk: Critical
* Exploitable from: Remote
* Vulnerability: Access Bypass, Cross Site Request Forgery

Print - Local file read access

Published by dev1961 on Sat, 08/14/2010 - 16:43

* Advisory ID: DRUPAL-SA-CONTRIB-2010-082
* Project: Printer, e-mail and PDF versions (third-party module)
* Version: 5.x, 6.x
* Date: 2010-August-11
* Security risk: Critical
* Exploitable from: Remote
* Vulnerability: Local file read access

FileField Sources - Arbitrary Code Execution

Published by dev1961 on Sat, 08/14/2010 - 16:41

* Advisory ID: DRUPAL-SA-CONTRIB-2010-081
* Project: FileField Sources (third-party module)
* Version: 6.x
* Date: 2010-May-19
* Security risk: Critical
* Exploitable from: Remote
* Vulnerability: Arbitrary Code Execution

Privatemsg - Cross Site Scripting

Published by dev1961 on Sat, 08/14/2010 - 16:38

* Advisory ID: DRUPAL-SA-CONTRIB-2010-080
* Project: Privatemsg (third-party module)
* Version: 6.x
* Date: 2010-August-11
* Security risk: Moderately critical
* Exploitable from: Remote
* Vulnerability: Cross-Site Scripting

New ATutor 2.0 Modules

Published by ernesto on Sat, 08/14/2010 - 16:34

August 11, 2010

Three new modules for ATutor 2.0 were release today. They can be downloaded from the ATutor module site at the link below, or they can be imported directly from atutor.ca using the ATutor administrator's Module Manager. For more about modules, or to download them, visit:

Kaltura - Information disclosure

Published by dev1961 on Thu, 07/29/2010 - 08:05

* Advisory ID: DRUPAL-SA-CONTRIB-2010-078
* Project: Kaltura (third-party module)
* Versions: 5.x, 6.x
* Date: 2010-July-28
* Security risk: Less Critical
* Exploitable from: Remote
* Vulnerability: Information disclosure

Drupad Cross site request forgery

Published by dev1961 on Wed, 07/14/2010 - 23:13

* Advisory ID: DRUPAL-SA-CONTRIB-2010-074
* Projects: Drupad (third-party module)
* Version: 6.x
* Date: 2010-07-14
* Security risks: Critical
* Exploitable from: Remote
* Vulnerability: CSRF

ATutor 2.0 Released

Published by dev1961 on Wed, 07/07/2010 - 00:11

July 6, 2010

ATutor 2.0 has now been released. This version has some significant new features and represents a change of direction for ATutor software from its LMS roots to a collection of tools for developing online classrooms. ATutor administrators should upgrade their systems at their earliest convenience.

Drupal Upgrading

Published by dev1961 on Sat, 06/05/2010 - 14:16

UPGRADING
---------

Prior to upgrading, you should ensure that:

* Your system meets or exceeds Drupal's minimum requirements as shown at
http://drupal.org/requirements.
* You have a backup of all your relevant data (#1).
* Custom and contributed modules have been checked for compatibility (#11).
* Custom and contributed themes have been checked for compatibility (#11).
* You have read through this entire document.