En

Drupal官网安全更新(2021-04-07)

来源:Drupal官网 发布日期:2021-04-07 阅读次数:6563 评论:0

基本信息

发布日期:2021-04-07(官方当地时间)

更新类型:安全更新

更新版本:9.1.6

感知时间:2021-04-07 19:54:46

风险等级:未知

情报贡献:TSRC

更新标题

drupal 9.1.6

更新详情

This is a patch (bugfix) release of Drupal 9 and is ready for use on production sites. Learn more about Drupal 9.

Drupal 9.1.x will receive security coverage until December 8, 2021 when Drupal 9.3.0 is released.
If you are upgrading from Drupal 8, read upgrading a Drupal 8 site to Drupal 9, 9.0.0 release notes, and the 9.1.0 release notes before upgrading to this release.
If your site is on 8.8.x or earlier, you may wish to upgrade to Drupal 8.9.13 instead. Regardless of which version you choose now, features will only be added to Drupal 9 minor releases, so plan to adopt Drupal 9 as soon as possible so that you can easily update to Drupal 9.2 and later.
Known issues
Search the issue queue for known issues.
Changes since 9.1.5:

Drupal 9.1.6
#3171827 by mohit_aghera, ankithashetty, jmeijer, jibran: RouteNotFoundException: Route "jsonapi.[entity].[field_name].related" does not exist
#3200809 by Matroskeen, quietone: Add documentation for d6 field source plugins
#3199742 by Matroskeen, ravi.shankar, quietone: Add documentation for block source plugins
#3207086 by benjifisher, larowlan, mondrake, Spokje: [HEAD BROKEN] Consistent failure in MonthDatePluginTest
#3204163 by jonathanshaw: EntityQuery accessCheck: tests should not check access unless relevant
#3204419 by jonathanshaw, longwave: EntityQuery accessCheck: always specifiy accessCheck, don't rely on the default
#3202125 by jonathanshaw, Berdir, catch, longwave: EntityQuery accessCheck: unique value validation should not be access sensitive
#3160629 by raman.b, tim.plunkett, Berdir: BlockPluginTrait cannot call ::addContextAssignmentElement() itself
#2992894 by mohit_aghera, adityasingh, adalbertov, raman.b, vsujeetkumar, mgifford, RenatoG, nishantghetiya, Kristen Pol, alexpott, penyaskito, andrewmacpherson, catch: Search results of multi-lingual pages fail Language of Parts
#3183301 by mcdruid, longwave, markwittens, nathandentzau, marcaddeo, janusman, -nrzr-, David_Rothstein, Heine, vijaycs85, xjm, tim.plunkett, pandaski, Wim Leers, larowlan: Add tests for SA-CORE-2020-009
#3106659 by phenaproxima, aleevas, rajanvalecha12, Drupaldev2013, audacus, mulukallaarun, Kristen Pol, dpi: Media types with missing source fields break the status report page
#3204986 by Matroskeen, quietone: Add documentation for d7 field source plugins
#3203369 by jonathanshaw, andypost: EntityQuery accessCheck: aggregator module
#2850057 by Munavijayalakshmi, gaurav.kapoor, ankithashetty, Pavan B S, ritzz, joachim, xjm, amateescu, Vishalghyv: all methods in SelectionInterface() are missing @param docs
#3204140 by jonathanshaw, catch: EntityQuery accessCheck: menu_ui_get_menu_link_defaults() should not be access sensitive
#3094366 by mohit_aghera, KittenDestroyer, Berdir, rensingh99: Error when saving config entity with "Link to entity" checked if field formatters
#3090941 by raman.b, breakfull, jmdeleon, amd.miri, tim.plunkett, rwohleb: Layout builder assumes all breadcrumb links are routable
#3203265 by hctom, quietone: Wrong/Missing variable type hint for $row property of MigrateProcessTestCase class
#3204353 by pragati_kanade, ravi.shankar, Chi, longwave: hook_link_alter() wrong example
#3205344 by alexpott: Calling system_requirements() can be expensive - do the cheap check first
#3202808 by andy-blum, mherchel: malformed twig in book-tree tremplate
#2958588 by cainaru, lauriii, DamienMcKenna, longwave, galactus86, bkosborne, pawandubey, clayfreeman, doublealpha, Blackstallion, tim.plunkett, justcaldwell, kpaxman, mark_fullmer: Off-canvas style resets are overriding styles (especially SVGs) resulting in display issues
#3201393 by Lendude, dww, imalabya, dawehner, anmolgoyal74, Abhijith S: Filter glossary view by status
#3205024 by longwave: Missing use statement in Drupal\Core\Database\Driver\mysql\Connection
#3106455 by hash6, Hardik_Patel_12, longwave, alexpott, xjm: Undefined variable used in /core/modules/system/tests/src/Functional/FileTransfer/TestFileTransfer.php
#3196699 by edysmp: Set the proper handler type names on EntityTypeInterface::getHandlerClasses documentation
#3192363 by anmolgoyal74, amateescu: Ensure that moderation can not be enabled for the 'workspace' entity type
#3008712 by phjou, s.abbott, msuthars, Sam152, chr.fritsch, phenaproxima: oEmbed URL resolution does not take multiple endpoints into account
#3204764 by longwave, mondrake: PHPUnit assertions do not return a value
#3034324 by BlacKICEUA, nanak: Incorrect PHPDoc comment for public function FormStateInterface::has($property)
#3201714 by jonathanshaw, ravi.shankar, longwave, catch, alexpott: EntityQuery accessCheck: data cleanup should never care about the current user
#3204389 by jonathanshaw, andypost: EntityQuery accessCheck: MediaRevisionAccessCheck::countDefaultLanguageRevisions should not check access
#3203596 by jonathanshaw, amateescu: EntityQuery accessCheck: workspacePublisher is wrongly access sensitive
#3047722 by jhodgdon, shetpooja04, mohrerao, anmolgoyal74, nitesh624, _m, ankithashetty, batigolix, gaurav.kapoor, daffie, shwetaneelsharma: Convert content_moderation, workflows module hook_help() to topic(s)
#2407187 by artem_sylchuk, longwave, Matroskeen, Berdir, Wim Leers, andypost, abramm: Optimize LibraryDependencyResolver::getMinimalRepresentativeSubset() and win >=4%
#3204138 by jonathanshaw, longwave: EntityQuery accessCheck: MenuLinkContentDeriver::getDerivativeDefinitions should not be access sensitive
#3169212 by int_ua, Matroskeen, anmolgoyal74, Krzysztof Domański, biblos, xjm, init90: Improve transliteration of Ukrainian letters
Revert "Issue #3199730 by mohit_aghera, Abhijith S, AJV009, Gauravmahlawat, shriaas2898, pameeela, roman-yrv, ranjith_kumar_k_u, Kumar Ashutosh, ilgnerfagundes: Views block description is double-escaped if display name is set"
#3199730 by mohit_aghera, Abhijith S, AJV009, Gauravmahlawat, shriaas2898, pameeela, roman-yrv, ranjith_kumar_k_u, Kumar Ashutosh, ilgnerfagundes: Views block description is double-escaped if display name is set
#3199999 by Matroskeen, quietone: Add documentation for language source plugins
#3067609 by quietone, alexpott, justafish, sheanhoxie, flocondetoile, heddn: Fix config schema for links and migration of link default values
#3203625 by jonathanshaw, guilhermevp: EntityQuery accessCheck: BlockContentUuidLookup should no be access sensitive
#3202915 by longwave, mondrake: Convert assertions involving use of xpath on textareas to WebAssert
#3202440 by jonathanshaw, longwave: EntityQuery accessCheck: field ui cardinality validation should not be access sensitive
#2917606 by init90, julia_schwarz, thomas.pischke.newscycle, amateescu: FieldStorageConfigStorage::loadByProperties() with passed 'entity_type' and 'field_name' as conditions doesn't return any result
#3203401 by jonathanshaw, longwave: EntityQuery accessCheck: LayoutBuilderEntityViewDisplayForm hasOverrides()
#3203366 by jonathanshaw: EntityQuery accessCheck: user_is_blocked() should not be access sensitive
#3202107 by jonathanshaw, longwave: EntityQuery accessCheck: _tracker_remove() updating should not be access sensitive
#3202040 by jonathanshaw: EntityQuery accessCheck: bundle delete forms should warn of content at risk regardless of access
#3196388 by Gábor Hojtsy, Pooja Ganjage, ranjith_kumar_k_u: Incorrect link for initiative responsibilities in MAINTAINERS.txt
#3198400 by mondrake, daffie, alexpott, longwave: Convert assertions involving use of xpath on input tags to WebAssert
#3201470 by jonathanshaw, catch, longwave: EntityQuery accessCheck: Cron functions should never check access
#3192260 by danflanagan8, longwave, jhodgdon, dww: [random test failure] Random fail in media_library CKEditorIntegrationTest
#3165784 by johnwebdev, boch, longwave, al.iv: LogicException: Cannot use UTF-8 route patterns without setting the "utf8" option for route
#3182653 by longwave, Eli-T, devad: PHPUnit 9.4.3 Fatal error: Trait 'Prophecy\PhpUnit\ProphecyTrait' not found
#3200535 by quietone, danflanagan8: Test term parent ID in ContentEntityTest
Back to dev.
Release type: Bug fixes

软件描述

Drupal是使用PHP语言编写的开源内容管理框架(CMF),它由内容管理系统(CMS)和PHP开发框架(Framework)共同构成。

CVE编号

TSRC分析

暂无

业界资讯

暂无

评论

提交评论 您输入的评论有误,请重新输入