1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4445-1] drupal7 security update

    From Moritz Muehlenhoff@1:229/2 to All on Tue May 14 23:20:01 2019
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4445-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff
    May 14, 2019 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : drupal7
    CVE ID : CVE-2019-11831

    It was discovered that incomplete validation in a Phar processing
    library embedded in Drupal, a fully-featured content management
    framework, could result in information disclosure.

    For additional information, please refer to the upstream advisory
    at https://www.drupal.org/sa-core-2019-007.

    For the stable distribution (stretch), this problem has been fixed in
    version 7.52-2+deb9u9.

    We recommend that you upgrade your drupal7 packages.

    For the detailed security status of drupal7 please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/drupal7

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlzbL2sACgkQEMKTtsN8 TjbL6A/7BHHBGJ4tjqKczWx0deQkhAMaomeuWsKO6t9Xt2Ec8YVCnazZGCem5DtP NBrFy4K1WvCBsZs5qjcAWpTZIFvrmJHLKNq3/cLHJ/L6r8Qx7TZahSlIltHGYZ0l 4AKkLeKWhfvV2gOpnrnvOzYnejW+ovmA9Pft2P9hbAY9PUIHQA4qSm3o2zRydMFC 67M/Hu9Dziby31nIFenJE29AmWJXGli8SlQtppx12bYJZrW3syCrlXSQ+cDEplN+ NaXlV3qtc49Q6cI+CEgeB0TEsDAaIJprIDpGVDqOKL6FOoKdDkuQdWdQPddpD+DX qAiuopTX7fg9PauONKQGDVJ5wc7T5rRJRFTdqeE04+ONanmQrzYCngBkSMqis+rn 8jgyjhrx5V9sUlBXnQZuf/G2zajqPHQSi1enxLiNOV+HJ/6ZHVzo8nwYa7r5RIyM xp398w/11HnBRUjNUjPQ+/RitUkKmFQcW7pTNqwcXagX+Gyi5kzEpL3xm6FG83ne sh8H1z4hLT5R2YjztVJOnlulGTfRRZD3Yctueu8alwMnwGmBZY2cHWOHFnnuw5en ZSfuxI7u72Y7QkSdYMDPWY1y7zHWjVtDtZzVI3bJQBZuNFlz1hb2CAXe76/TZuP2 MyphZUbHoYAx5SNtpGpekes/CvFJwdgTu+IVinjNd33IThOk53M=
    =dTdm
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)