[SECURITY] [DLA 1365-1] drupal7 security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1365-1] drupal7 security update
From: Abhijith PA <abhijith@disroot.org>
Date: Thu, 26 Apr 2018 14:58:04 +0530
Message-id: <[🔎] 8ef09c04-afbc-9af8-ca19-fdc6a2e42203@disroot.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : drupal7
Version        : 7.14-2+deb7u19
CVE ID         : CVE-2018-7602
Debian Bug     : 895778

A remote code execution vulnerability has been found within multiple
subsystems of Drupal. This potentially allows attackers to exploit
multiple attack vectors on a Drupal site, which could result in the
site being compromised.


For Debian 7 "Wheezy", these problems have been fixed in version
7.14-2+deb7u19.

We recommend that you upgrade your drupal7 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAlrhm6QACgkQhj1N8u2c
KO8j+A//V2kNZHi7SilwkjsjBV+cjjVP8TP9jqTtntykwph9ZN5MLHfrFeZpuFDz
xoZDF4OQJ5I52Ya5rvgiR0Jb2M26C5UFEW52UO1B+p7aWq7KGuHn2YuQmP4iJllB
HzIFeC6xFGrJ5jG37e3poQeJv9nueskUoUVRxRwYPmlAQ7AEWfzz6b46gfVE5WqC
W0+HzKZ8v7oZGVQ3YEs5ktMD8M+tCr+8KRBqlqYmfn6jY7tPpFtccK5WOCE0BLaW
e+v+2JCClBPESfnUHzsJM3fSh/m3F8SKo3YQ78x9AYmaxu1OgsC20M+PE8CRnv2U
LhOakMB+d7N8NZ65P/VHFEH4V/gVklea/fcm750h7aZrkt2nqcmkLeGvqh3wLoNB
GwAyzObAy4CeVuGVizkAr2siYMkPSqoW+FE6W9CTxmBbIQinIQaZMTVvBDGMkeFI
7fVxAezNB7A2Kz9n/ZTIacaib5ocbE2cXPViSDaw3FPNNw/Prk8/RXp8Ou1qbcCX
O8kGYM1/It2i7zfBzwyugPS8p2k3K+Vb7eMr8fdrep5hSU2/eDmRykZ1ZF4Yc4gz
YTCJ11PCOfmMs2WLylFk2lft1jneRqAxo6MepyWPmy6uzNstN8XX4V/whdF0memC
cZ0ZvkBQFNtiUHEr2B4bmKHUTT6TQanxA0UwR3fIbfaOzu03r2A=
=RADQ
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1364-1] openslp-dfsg security update
Next by Date: [SECURITY] [DLA 1366-1] wordpress security update
Previous by thread: [SECURITY] [DLA 1364-1] openslp-dfsg security update
Next by thread: [SECURITY] [DLA 1366-1] wordpress security update
Index(es):
- Date
- Thread