security updates

have to check views and entityreference for custom patches

sites/all/modules/contrib/dev/ctools/includes/fields.inc

@@ -79,6 +79,19 @@ function ctools_fields_get_field_formatter_settings_form($field, $formatter_type
     $instance = ctools_fields_fake_field_instance($field['field_name'], $view_mode, $formatter_type, $conf['formatter_settings']);
     $settings_form = $function($field, $instance, $view_mode, $form, $form_state);
     if ($settings_form) {
+      // Allow other modules to alter the formatter settings form.
+      $context = array(
+        'module' => $formatter['module'],
+        'formatter' => $formatter,
+        'field' => $field,
+        'instance' => $instance,
+        'view_mode' => $view_mode,
+        'form' => $form,
+        'form_state' => $form_state,
+      );
+      drupal_alter('field_formatter_settings_form', $settings_form, $context);
+
+      $settings_form['#tree'] = TRUE;
       $form['ctools_field_list']['#value'][] = $field;
       $form += $settings_form;
     }