Security issue in the Drupal plugin

Hello!

We want to notify a security issue in the Drupal plugin. https://www.drupal.org/sa-contrib-2019-010

We are working on this and after a couple of hours, a new release will be ready.

Update

The issue depends on the option “SpamFireWall”. We have fixed that and send the new version to the Drupal Team for approval.

While they are approving it, you can disable the option: Drupal Admin Page —> Modules —> OTHER category —> Anti-Spam by CleanTalk (Configure) —> disable “SpamFireWall”

The latest update on Feb 02 2019


We received the last answer and we hope that this
Monday new release will be approved. https://twitter.com/DamienMcKenna/status/1091507312056037377

At the moment we still haven’t received a response and the fixed version is still on validation.
Feb 06 2019.

Latest news.
We are pleased to inform you that the fixed version of our Drupal Plugin has been approved. https://www.drupal.org/project/cleantalk

Please, update your plugin. 

Thank you!

3 responses to “Security issue in the Drupal plugin”

  1. John says:

    What is the latest with this? Has the Drupal team approved this patch yet?

  2. Hello John,

    We think that it will be solved within 1-2 days. The Drupal team requested the text of notification for users. This is the last step before the new version will be approved.

    Thank you!

  3. John says:

    Thanks for answering. It is good to hear that progress is being made.

Leave a Reply

Your email address will not be published. Required fields are marked *