Security update for Core, with self-updated composer

[yaffs-website] / web / core / modules / locale / src / LocaleLookup.php

diff --git a/web/core/modules/locale/src/LocaleLookup.php b/web/core/modules/locale/src/LocaleLookup.php
index 9290efc3058a09a4de2ee8208c942df6a760a14d..a4be39c1a86b5e7426730a838dcbfe1fc7d2860f 100644 (file)
--- a/web/core/modules/locale/src/LocaleLookup.php
+++ b/web/core/modules/locale/src/LocaleLookup.php
@@ -7,6 +7,7 @@ use Drupal\Core\Cache\CacheCollector;
 use Drupal\Core\Config\ConfigFactoryInterface;
 use Drupal\Core\Language\LanguageManagerInterface;
 use Drupal\Core\Lock\LockBackendInterface;
+use Drupal\Core\StringTranslation\PluralTranslatableMarkup;
 use Symfony\Component\HttpFoundation\RequestStack;
 
 /**
@@ -172,6 +173,12 @@ class LocaleLookup extends CacheCollector {
       }
     }
 
+    if (is_string($value) && strpos($value, PluralTranslatableMarkup::DELIMITER) !== FALSE) {
+      // Community translations imported from localize.drupal.org as well as
+      // migrated translations may contain @count[number].
+      $value = preg_replace('!@count\[\d+\]!', '@count', $value);
+    }
+
     $this->storage[$offset] = $value;
     // Disabling the usage of string caching allows a module to watch for
     // the exact list of strings used on a page. From a performance