lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Sat, 24 Feb 2018 13:05:26 +0100
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 4123-1] drupal7 security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4123-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 24, 2018                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : drupal7
CVE ID         : not yet available
Debian Bug     : 891154 891153 891152 891150

Multiple vulnerabilities have been found in the Drupal content management
framework. For additional information, please refer to the upstream
advisory at https://www.drupal.org/sa-core-2018-001

For the oldstable distribution (jessie), this problem has been fixed
in version 7.32-1+deb8u10.

For the stable distribution (stretch), this problem has been fixed in
version 7.52-2+deb9u2.

We recommend that you upgrade your drupal7 packages.

For the detailed security status of drupal7 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/drupal7

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlqRVG0ACgkQEMKTtsN8
TjYnfBAAu6LabC2r9lnRO3Vf9Oae80kD/LJ5zCCR8kPuR8CqquFDQkrQ7ImnRhYG
ZeLK7TBKGpbWJPrNASm6p3Apvkl82S7NLXY8EV9uFpzx04KfKUZ6yOkaPFsVg4Dv
uzCKVpty9H9VOmlW16a9Z8soKr4ya5Rd3abcV3bOYueCNp+lqb05Uvx+UaJPWOGB
vqea1o8XZnIjDL60RbNGcHubs0bDi8+07HF+8T8MX+tWbR5tAlnoPJ57QO78oa6y
VbXHdweiDcvEUaTKvUVPo/1c0YuZRSWwJq9LJOF6gUHCycrIzZGEq6EaPsn/reGT
lLXnWQHbwGy4/e/I0ymqv6GBTBiMcl46P2Lgvvbe1+nDjGBojaOr8qO1er3jQb3L
v8otDkBFDl6oM5NlY8G4zmdMPo19J9PM4mAfafl0GeRqHczJcqCJS83Ne5JZ9iDl
nRcG27L+sXXT+wBQdEL0AOGiY/s9o91jCjhrnfdDs/+B3875m92ZfXJIjTLEJRX5
JbPbvuJ6hBuMrLDTg0jWhUX5Bu1EZjx/vU90aroQhxwpP/tTvnm3slWXZFnsdlZ8
Z7XxLpyFKmNfhFtnvhWNiD1HRoffG52utSnaKYUO+H2wVgJ3978lVN7fZ0Ob185p
wfD/fCsZNq6+S8JnL9/DIx0ExzFu+lsTnt4gp35PjJCb433C72M=
=HZP9
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ