Commit 01c9f616 authored by David_Rothstein's avatar David_Rothstein

Drupal 6.34

parent c71b15f6
Drupal 6.34, 2014-11-19
----------------------
- Fixed security issues (session hijacking). See SA-CORE-2014-006.
Drupal 6.33, 2014-08-06
----------------------
- Fixed security issues (denial of service). See SA-CORE-2014-004.
......
......@@ -41,7 +41,7 @@ function sess_read($key) {
register_shutdown_function('session_write_close');
// Handle the case of first time visitors and clients that don't store cookies (eg. web crawlers).
if (!isset($_COOKIE[session_name()])) {
if (empty($key) || !isset($_COOKIE[session_name()])) {
$user = drupal_anonymous_user();
return '';
}
......
......@@ -8,7 +8,7 @@
/**
* The current system version.
*/
define('VERSION', '6.33');
define('VERSION', '6.34');
/**
* Core API compatibility.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment