[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1746-1] drupal7 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : drupal7
Version        : 7.32-1+deb8u16
CVE ID         : CVE-2019-6341

It was discovered that missing input sanitising in the file module of
Drupal, a fully-featured content management framework, could result in
cross-site scripting.

For Debian 8 "Jessie", this problem has been fixed in version
7.32-1+deb8u16.

We recommend that you upgrade your drupal7 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlyiHFEACgkQnUbEiOQ2
gwL8thAAgLDwlOyeLMD5lsmaJbErDZUvR+D0leuMPFMV7ijf2ZbIJp8EFs7nCP8a
4JpIeuTD5IOPqc6dspsDe+DAmLKEfpLBgdHMOkmEZ3oE2s4MEhKpAvrM9lJYhbRi
UD/MI1KQ3Xi9M+XSS1/eglUZrWjbpRvGgsuCMo89r6HJD56fcIuIMCOqj6DgYK6s
Lq8qVOlDMPs2PD7r/Wql/yOW2RSp3AXoijLc7xreOQ0Lb+zye5cVCrzEosQpLvAO
OcgjIxilYmYtVIZn6c5abGx2QUDdAovWI3kssie8Yz0odxqsP6rAabAP2Xktwhe9
GijALQYv38aGcLVXw9+RZ5l2wBM30Utj0RwIywKuD7LYQX+nR/YaS3G5y+iEbP3c
V6B07ywrWr3los2myeKtsleaLXTuWFCh4L5a9cyVddmt50sZy7D6ty67WX7uMvUD
MNRSMdjG2zmjhJLt9H3lMbjtNUg1+ZZwETYrZTZ40O+JKPLeckNBETO/GaX5rveq
/2YopnA09UJuBnCgHSZ4cYyhJ2dol8JyPT7iQt2v5vS3YrZHy1BzUkjydtbpZ+S3
6lldzsh+XljoH5piPCBF2fxnqaMWpZgHI3iaHjxIt4GQD5uoMlAvNTpilHXoMapr
Pon+4I7WZ73Kx5gxAjI/1QJN7SKRZTvTyCdJ+VJy7v7abkviq1g=
=ZWIA
-----END PGP SIGNATURE-----


Reply to: