|
|
Log in / Subscribe / Register

Debian alert DLA-1550-1 (drupal7)



From:
              Chris Lamb <lamby@debian.org> 


To:
              debian-lts-announce@lists.debian.org 


Subject:
              [SECURITY] [DLA 1550-1] drupal7 security update 


Date:
              Fri, 19 Oct 2018 10:57:45 -0400


Message-ID:
               <1539961065.1989187.1547839048.172F0D0D@webmail.messagingengine.com>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : drupal7
Version        : 7.32-1+deb8u13
Debian Bugs    : #911336 #911337

It was discovered that there was a remote code execution and an
external URL injection vulnerability in the Drupal content
management framework.

For more information, please see:

  https://www.drupal.org/sa-core-2018-006

For Debian 8 "Jessie", these issues have been fixed in drupal7
version 7.32-1+deb8u13.

We recommend that you upgrade your drupal7 packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlvJ8OEACgkQHpU+J9Qx
HlhvRg//Q1HfQFSrXZvsgqoyo/PhzxBSl8PiDSSLxNfL8Iu3q1xJERp5z8zAGiOq
McRTjHrKQv4yxweG1z9BRUvIFaxxlfxOGaoFgw13WYoBcZnGZJLAWwYA6aeKzCFd
pYpaVTeQPpW1f5dPEhuuAjdz6FA2ntGvMvpTMVnh7t6gxxtrfIsHBHZ3San+NgYH
ZkRTm4577jNW7sJNRn+1gE3HVggNar8UkTnhNoczajdOVLOJ6OfVbITlLxykEH0J
2RlRqAva0tA8Y95mlS01wyC82W1Q+IsSi0Kd9DN05Sh1AbuMohW6T8bXDOsx0jUL
nJQt9SwcLKieRxiwSmQZy60Y8fIeEsgnlz28LDFKduHXE1+QaDZos7/DIvzecTDg
HvNU2XwkajTB3j9qvNf75orne0Tl/6gyaYnXxwaGlb9E/A8wMNFwzUn4dsfD/2EH
L5qjkuFWqI4pvlGX88gLDuIk3AnCy6Y9plaNxxFVairS+S0Ou/m+vuooTJXMjMA1
xWBPxN/AgO4ks7526bkCDTLI+kEByax4qQUUl9z46tPDXc9WzlnMhoHOdX5ghoiZ
hYQJSfmXdpXBr6QS/Q7/ApAnx0Ak9ENwVeRIjH/KY50vOCWZYqWjf9YPWNJLw2IV
Zq6JAdDctxQgyDLwiDlyZvZt93s8vsfLpD7AEoUyQvoLhwerieA=
=G/7r
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds