drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in Drupal
Name: |
Ausführen beliebiger Kommandos in Drupal |
|
ID: |
DSA-4180-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian jessie, Debian stretch |
|
Datum: |
Mi, 25. April 2018, 23:17 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7602 |
|
Applikationen: |
Drupal |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-4180-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 25, 2018 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : drupal7 CVE ID : CVE-2018-7602 Debian Bug : 896701
A remote code execution vulnerability has been found in Drupal, a fully-featured content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2018-004
For the oldstable distribution (jessie), this problem has been fixed in version 7.32-1+deb8u12.
For the stable distribution (stretch), this problem has been fixed in version 7.52-2+deb9u4.
We recommend that you upgrade your drupal7 packages.
For the detailed security status of drupal7 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/drupal7
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlrg1NVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Qsaw/+MUBRyJRiMPeFg5wk+1wjZcZAf55OIkeJb9QgJoI4rshAQf7aB+gi7O0z 3r/0Q+IOTXh3VtCLWKOCg4kSDd03OZhVGVYwlkaZ3GyvVSD5WFhphtWV7p6ePzcm DbR4B1gOiDGR5MsWXw6PWxBuhgsppTVFXmyrA6hloEebIKXKwDU3HY5h2ZpBoAR8 GYjk3SQZbuODkjRZitPKxiu0fBriN5qz/tIhvMGjNFZHmJ3UVF877gou6kD2cV36 WjgUWhzg+JxZ/9gQ5aKzuO4yMBlaXuNCsIxvuEU3Gw3FeJIA/Sos0iGgvXR7p7iE PBtKWisc0z1f0Vt48jxR22C6sfvoxzrVjRD3ylwYMZPR2CkFoklKPGNC9Plfj5mG KcKOSAIfIv/1dXCDsddjY8zIrvTaJGokHmdkeNDTNFVfcEcDT5/vDwstWwBVheq6 7uFoJvHkWp+/oL4ysZT7pAk5Z+Lg1dkZ2IBxI7nJILPx81SIGzK0yGrrmTOVwtfZ L7xlFSQMDIhu9941GOZu8OC/gLQGqdsnNr28Bl2rMcZfAHwgCVkzof61kAi3eddG X/WC1EufxfLgJodRPuOuBsoxBDa76uli0vV2oh0DECD2oehMVEuDckr3q2npWWJ/ UNEOzBuxkWWO+HI2lwaNuKXkJQYlFoeHJKQvaHe97Ofsyvmut/Q= =Xddc -----END PGP SIGNATURE-----
|
|
|
|