drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in Drupal
Name: |
Ausführen beliebiger Kommandos in Drupal |
|
ID: |
DSA-4156-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian jessie, Debian stretch |
|
Datum: |
Do, 29. März 2018, 06:06 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7600 |
|
Applikationen: |
Drupal |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-4156-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso March 29, 2018 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : drupal7 CVE ID : CVE-2018-7600 Debian Bug : 894259
A remote code execution vulnerability has been found in Drupal, a fully-featured content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2018-002
For the oldstable distribution (jessie), this problem has been fixed in version 7.32-1+deb8u11.
For the stable distribution (stretch), this problem has been fixed in version 7.52-2+deb9u3.
We recommend that you upgrade your drupal7 packages.
For the detailed security status of drupal7 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/drupal7
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlq8EmVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RSvhAAmzzV41FcC0QKQYhwrxHx0uW+9uwzzkZojCdYV9KYtPOCM3EniFHKTjMy 3FaTedigWBu1x7Lpx/PtzIiapKwXFOTGk5C1TflHv6SbwMNV9kEpHsPK5YMFM234 lEyOqxlvIG2f/c2VeVumBPpmzAjTS+Id6dLC/vGl57IunAMeMl/WEN47f/RdA4qa dc52xocGdt2ldfZgkRuiWpfZV7Pz8EJBLXkATwzDTuvlzJp+anfUc/EZAoFiN7vp xwwSJYOyZhz3ikDtskYy0iq5BSeG4ic1qlqnkpDT1CUENjLY9uGHbnBDGZGftWZK 025qAtndSPc9AhI4aR+aNTDtUtu1VhNEEKi8SD5CeQ0mSmETvoEJCXmtMdP/aLns wHE/M+hGiwffFjJpyuoE0baVnII+ZPylEZG3kS2zJ/bbnnqIdoyD5PzdIVfzwORF rHACntrWzjZYrjHztlfwxv5/K3YdwcAdGavm+LGZTxXM8IalDkyEBL3tHiCgaipC E4pyFx00gzQ0M1U0Q8vzBFX6SRWV/6BOFTEEIucCFFZjfzD3aqYAHY0CtwDgACEG 6Vd9FiGosNt0W0xiTq0xDkNrA4b/Frb2mDCXFe+VZXo6GpWoWXEc/1oQLlAH9MOJ QwEr9sTpe+Mlm+irfgZAvdUK6m2zSE6XR9ePQ+PQ6o5QAMUlFZQ= =4O6l -----END PGP SIGNATURE-----
|
|
|
|