Detections
Analytics

Fedora 23 : drupal7-views (2016-ed5f606dde)

high Nessus Plugin ID 92623

Language:

Synopsis

The remote Fedora host is missing a security update.

Description

Fixes [Views - Less Critical - Access Bypass - SA-CONTRIB-2016-036](https://www.drupal.org/node/2749333)

Changes since 7.x-3.13 :

 - Adding field handlers for statistics fields

 - \#2200309 by helmo: Changed invalid placeholder from 'handler' to 'extender'.

 - \#2708535 by stefan.r: Allow users to sort on a specific language, showing it before any others

 - \#1359298 by robertwb: Support Plugins for Views Aggregate in D7 (D8 Backport)

 - \#1358412 by davidgrayston, marcelovani, jamiecuthill, mikeytown2, ParisLiakos, Josh Waihi: Content: Has taxonomy term ID (with depth) query performance

 - \#1615438 by rsmylski, MediaFormat, awolfey, ParisLiakos: Search terms: nodes dont appear when using multiple arguments

 - Revert 'Issue #1615438 by rsmylski, MediaFormat, awolfey, ParisLiakos: Search terms: nodes dont appear when using multiple arguments'

 - \#1567354 by joelpittet, robcolburn: Stop lowercasing undefined values.

 - \#1535912 by dawehner, joelpittet: Remove no-longer-necessary $condition variable.

 - \#981870 by infojunkie, joelpittet, andypost:
 views::get_url() to skip default arguments

 - \#959048 by rooby, dawehner, joelpittet, pyry_p: Added a revision count.

 - \#2563431 by joelpittet, lauriii: ajax_render should not be used; ajax_deliver should be used instead

 - \#564106 by rv0 et al.: More link to point to custom URL

 - Revert 'Issue #564106 by dawehner et al.: More link to point to custom URL'

 - \#1608920 by dawehner, rudiedirkx, axel.rutz, solotandem, Anybody, JvE, helior: Add drop-button field display

 - \#1482824 by DeFr, Alan Evans, robertom: Block display view ajax pager does not advance with multiple pagers on a page when the first pager > 0

 - \#1232920 by dawehner, Anybody, chiddicks: Hide earlier in the process.

 - \#1190900 by ls, philipz, Neograph734, Oniryck: Random sort from multiple value field in views

 - \#1090432 by fubhy, derhasi, rudiedirkx, IT-Cru: Allow additional field-to-field conditions with the default views_join handler

 - \#652610 by johnv, dawehner, colan, Les Lim: Stop caching when not set.

 - \#564106 by dawehner et al.: More link to point to custom URL

 - \#1948578 by jweowu: Duplicate code. Issue #1515156 patch applied twice

 - Merge branch '7.x-3.x' of git.drupal.org:project/views into 7.x-3.x

 - Revert 'Issue #2290127 by DanChadwick: pre_render not consistently passed result by reference'

 - \#1685144 by marcelovani, dawehner, q0rban: Refactor init_localization() to init and return the translate property for all plugins.

 - \#1262630 by damiankloip: Raw value tokens not replaced if used in css class

 - \#1262630 by Jelle_S, dgtlmoon: Raw value tokens not replaced if used in css class

 - \#2290127 by DanChadwick: pre_render not consistently passed result by reference

 - \#551808 by dawehner, axel.rutz: Provide hook_views_save, hook_view_delete

 - \#339384 by lotyrin, neuquen, marcingy, colan: Default option not set in exposed filters when terms are selected

 - \#2610292 by dawehner: Fix 7.x-3.x-dev test failures.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected drupal7-views package.

See Also

https://bodhi.fedoraproject.org/updates/FEDORA-2016-ed5f606dde

Plugin Details

Severity: High

ID: 92623

File Name: fedora_2016-ed5f606dde.nasl

Version: 2.5

Type: local

Agent: unix

Published: 7/29/2016

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:drupal7-views, cpe:/o:fedoraproject:fedora:23

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 7/28/2016

Vulnerability Publication Date: 7/28/2016

Reference Information