[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1685-1] drupal7 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : drupal7
Version        : 7.32-1+deb8u15
CVE ID         : CVE-2019-6338


Drupal core uses the third-party PEAR Archive_Tar library. This
library has released a security update which impacts some Drupal
configurations. Refer to CVE-2018-1000888 for details. Also a possible
regression caused by CVE-2019-6339 is fixed.

For Debian 8 "Jessie", this problem has been fixed in version
7.32-1+deb8u15.

We recommend that you upgrade your drupal7 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAlxsyCsACgkQhj1N8u2c
KO/gBg//ZWve/tmYbgLhZXFr9d7lQZo76HppKRSnP+cLTa5HnGv7l9Q+CD4CqVhl
UG0pXO9IIOzhcmDNLasbnQWADpWFAcgUPB/V1MJ+JkQuakIBnS6aNLpAZiAE829U
+op2PuvxPSnyIsiYcm+abKJSO3W5q2iVGt3KNUPmsuebr3amZm29f9aAYU0CWtaw
h1HrCStYsPxKHCMtpyWXMmd5bo8v6lQFIHl4UxtaKosNK2DYfHkAoWXIrQrAPz70
J3yCUQJ4Fg8sIXoVuPzGC4Ncw/wmALzu1z6Mc8NvlXX/MQCDCTBqyG/EVCEsTYuv
oUvvDhywOhJafIaidHHxmvlL3LEkvH4KYqpyPEwU5p0mNMqjKNtvprCzfPcEvShB
3nsPa7hwOOi74o2eKkt1dPvIrjJ9eDWtnJBX5SX9YcTprFFjRkYn7Q9CQsHImFti
Z1NDfM2bfgi1iTADeO16jBZ3vTttokO8jauOep2vRjrhAbZG7GR/LyT1SMq6eqdU
9ySAknj+U3kRFPApAGdl5bCfcPWxe7cEsQY2EZwizKRQNcw8c/TlSVJU6iAr2xL8
bv42yqT2Ihveja0U1khNo+0C2vfgmpKF4lSdcG2XI23OzNaNc87DmSkXlkGaqKOr
//IkB9PK4vunXpq9ddZ6KOA5buoiuSaTjwidokoa6xSLfHdU/jw=
=jLCv
-----END PGP SIGNATURE-----


Reply to: