[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1325-1] drupal7 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : drupal7
Version        : 7.14-2+deb7u18
CVE ID         : CVE-2018-7600

Jasper Mattsson found a remote code execution vulnerability in the
Drupal content management system. This potentially allows attackers to
exploit multiple attack vectors on a Drupal site, which could result in
the site being completely compromised.

For further information please refer to the official upstream advisory
at https://www.drupal.org/sa-core-2018-002.

For Debian 7 "Wheezy", these problems have been fixed in version
7.14-2+deb7u18.

We recommend that you upgrade your drupal7 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlq8GlFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeT0Pg//d15fKuV4i8aZ0KvYyEIDaWBRPh9lYhfrv3Qc+hB8eAORkukH16fWqsN0
Xn2G4YpbEbW2YIE/M13AnKy97V4VVvVH5XBpbggKIS+HACZuyZ4MeX9ql83WeRhE
Jl0dfWiLuWJJD/tcs2ztQSXwZyQBlDLsGjEAneGQRQcf6ERKkzbtV539Dbt12CQ/
+ZI23s5nX1TKDjyyRTy17RQk3FhY1ZarCbfi29VAQ44JXqZl7AsEecgfZIESY13V
b9UlJQPw1ga3PsjSfFziJstQ33hZK1V+6tu+BVxSbma+TIstzFtvbhaNEQZWbM2R
gO7mLYg98q85fd/VTHYkHBm63BdjE4I//e/yE5nZ8NjrzUWncpMPAwjkifHBr1Yw
a3dzGRSUr8STCVZRVOpc/R9DovojCwU8XAEx+ONuCpMj1MBpWmtczwn/TJIJvXyA
wa3WDr7q0+Z1OYniXwmAEkcu4m+NYiuvQ5OD7VUpKA5MkOMBzGmIfZhKqAixcNWT
bwHGXSFOM02nYX18yOJXM8b17RtfbOsGzzGJH+aqZqQCdxtD8iiykrugERPkDzGj
7kUZ+IxVn6HeG5hbJM5hhcE9TbodRb5T2lFYwhgcX5UkLwVUB1zYJ/2BbHxUJyh6
9argbDhzD+sWEtHE5yuA+Dy+2eMax3DDh7/uCDvtGbsd1tUKQng=
=x224
-----END PGP SIGNATURE-----


Reply to: