[SECURITY] [DLA 1550-1] drupal7 security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1550-1] drupal7 security update
From: Chris Lamb <lamby@debian.org>
Date: Fri, 19 Oct 2018 10:57:45 -0400
Message-id: <[🔎] 1539961065.1989187.1547839048.172F0D0D@webmail.messagingengine.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : drupal7
Version        : 7.32-1+deb8u13
Debian Bugs    : #911336 #911337

It was discovered that there was a remote code execution and an
external URL injection vulnerability in the Drupal content
management framework.

For more information, please see:

  https://www.drupal.org/sa-core-2018-006

For Debian 8 "Jessie", these issues have been fixed in drupal7
version 7.32-1+deb8u13.

We recommend that you upgrade your drupal7 packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlvJ8OEACgkQHpU+J9Qx
HlhvRg//Q1HfQFSrXZvsgqoyo/PhzxBSl8PiDSSLxNfL8Iu3q1xJERp5z8zAGiOq
McRTjHrKQv4yxweG1z9BRUvIFaxxlfxOGaoFgw13WYoBcZnGZJLAWwYA6aeKzCFd
pYpaVTeQPpW1f5dPEhuuAjdz6FA2ntGvMvpTMVnh7t6gxxtrfIsHBHZ3San+NgYH
ZkRTm4577jNW7sJNRn+1gE3HVggNar8UkTnhNoczajdOVLOJ6OfVbITlLxykEH0J
2RlRqAva0tA8Y95mlS01wyC82W1Q+IsSi0Kd9DN05Sh1AbuMohW6T8bXDOsx0jUL
nJQt9SwcLKieRxiwSmQZy60Y8fIeEsgnlz28LDFKduHXE1+QaDZos7/DIvzecTDg
HvNU2XwkajTB3j9qvNf75orne0Tl/6gyaYnXxwaGlb9E/A8wMNFwzUn4dsfD/2EH
L5qjkuFWqI4pvlGX88gLDuIk3AnCy6Y9plaNxxFVairS+S0Ou/m+vuooTJXMjMA1
xWBPxN/AgO4ks7526bkCDTLI+kEByax4qQUUl9z46tPDXc9WzlnMhoHOdX5ghoiZ
hYQJSfmXdpXBr6QS/Q7/ApAnx0Ak9ENwVeRIjH/KY50vOCWZYqWjf9YPWNJLw2IV
Zq6JAdDctxQgyDLwiDlyZvZt93s8vsfLpD7AEoUyQvoLhwerieA=
=G/7r
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1548-1] libssh security update
Next by Date: [SECURITY] [DLA 1551-1] exiv2 security update
Previous by thread: [SECURITY] [DLA 1548-1] libssh security update
Next by thread: [SECURITY] [DLA 1551-1] exiv2 security update
Index(es):
- Date
- Thread