diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index a2f05dd5d322056d68e839410171c8d9321e6909..fa1fd027d2bb40ad497639f5a051cf15a1dd7b07 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,6 +1,7 @@
-Drupal 6.28-dev, xxxx-xx-xx (development release)
+Drupal 6.28, 2013-01-16
----------------------
+- Fixed security issues (multiple vulnerabilities), see SA-CORE-2013-001.
Drupal 6.27, 2012-12-19
----------------------
diff --git a/includes/common.inc b/includes/common.inc
index b7d671ca969cad918014b09610984f1d8bd581ca..5daec4737464a9d322c97167a16bbc83e50f7291 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -665,7 +665,7 @@ function drupal_error_handler($errno, $message, $filename, $line, $context) {
return;
}
- if ($errno & (E_ALL ^ E_DEPRECATED)) {
+ if ($errno & (E_ALL ^ E_DEPRECATED ^ E_NOTICE)) {
$types = array(1 => 'error', 2 => 'warning', 4 => 'parse error', 8 => 'notice', 16 => 'core error', 32 => 'core warning', 64 => 'compile error', 128 => 'compile warning', 256 => 'user error', 512 => 'user warning', 1024 => 'user notice', 2048 => 'strict warning', 4096 => 'recoverable fatal error');
// For database errors, we want the line number/file name of the place that
diff --git a/misc/drupal.js b/misc/drupal.js
index f29e39810d4470aa25c0b2ee9e4881155a789912..a85b8f85794fb2cab99959add2026f536f4878b0 100644
--- a/misc/drupal.js
+++ b/misc/drupal.js
@@ -1,4 +1,27 @@
+/**
+ * Override jQuery.fn.init to guard against XSS attacks.
+ *
+ * See http://bugs.jquery.com/ticket/9521
+ */
+(function () {
+ var jquery_init = jQuery.fn.init;
+ jQuery.fn.init = function (selector, context, rootjQuery) {
+ // If the string contains a "#" before a "<", treat it as invalid HTML.
+ if (selector && typeof selector === 'string') {
+ var hash_position = selector.indexOf('#');
+ if (hash_position >= 0) {
+ var bracket_position = selector.indexOf('<');
+ if (bracket_position > hash_position) {
+ throw 'Syntax error, unrecognized expression: ' + selector;
+ }
+ }
+ }
+ return jquery_init.call(this, selector, context, rootjQuery);
+ };
+ jQuery.fn.init.prototype = jquery_init.prototype;
+})();
+
var Drupal = Drupal || { 'settings': {}, 'behaviors': {}, 'themes': {}, 'locale': {} };
/**
diff --git a/misc/tableheader.js b/misc/tableheader.js
index 9d05e2307fe928ad24e9ebe199daff78ffe97225..9deb18d84a65296712963b52ae4455061984c38b 100644
--- a/misc/tableheader.js
+++ b/misc/tableheader.js
@@ -69,7 +69,7 @@ Drupal.behaviors.tableHeader = function (context) {
// Get the height of the header table and scroll up that amount.
if (prevAnchor != location.hash) {
if (location.hash != '') {
- var offset = $('td' + location.hash).offset();
+ var offset = $(document).find('td' + location.hash).offset();
if (offset) {
var top = offset.top;
var scrollLocation = top - $(e).height();
diff --git a/modules/book/book.pages.inc b/modules/book/book.pages.inc
index 46eb86a212a55aa93210551b56fbf4e206a7bf50..e0e3f659887fd837b06175f2a8e8d26065e39dfc 100644
--- a/modules/book/book.pages.inc
+++ b/modules/book/book.pages.inc
@@ -39,6 +39,14 @@ function book_render() {
* in a format determined by the $type parameter.
*/
function book_export($type, $nid) {
+ // Check that the node exists and that the current user has access to it.
+ $node = node_load($nid);
+ if (!$node) {
+ return MENU_NOT_FOUND;
+ }
+ if (!node_access('view', $node)) {
+ return MENU_ACCESS_DENIED;
+ }
$type = drupal_strtolower($type);
diff --git a/modules/system/system.module b/modules/system/system.module
index 57cc91a1c576b70367c2c1d265c18b6092de803d..320f51fa1570deece1feb518c8855192ed5b1daf 100644
--- a/modules/system/system.module
+++ b/modules/system/system.module
@@ -8,7 +8,7 @@
/**
* The current system version.
*/
-define('VERSION', '6.28-dev');
+define('VERSION', '6.28');
/**
* Core API compatibility.