Fedora 21: 2015-11018 Critical Drupal7-Feeds XSS Issues
fedora
July 16, 2015
## 7.x-2.0-alpha9 **This is a security release
Summary
Import or aggregate data as nodes, users, taxonomy terms or simple database
records.
This package provides the following Drupal modules:
* feeds
* feeds_import
* feeds_news (requires drupal7-features and drupal7-views)
* feeds_ui
Update Information:
## 7.x-2.0-alpha9
**This is a security release. People running 7.x-2.0-alpha8 or below should update. This release only contains security fixes, no additional bug fixes or features.**
Changes since 7.x-2.0-alpha8:
* Issue #2495145 by twistor, cashwilliams, greggles, klausi: Possible XSS in PuSHSubscriber.inc * Issue #2502419 by klausi: Log messages XSS attack vector * Issue #1848498 by twistor: Respect allowed file extensions in file mapper
Topics Covered
Change Log
* Wed Jul 1 2015 Peter Borsa
References
[ 1 ] Bug #1232973 - drupal7-feeds-2.0-alpha9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1232973
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update drupal7-feeds' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
Name: drupal7-feeds
Product: Fedora 21
Version: 2.0
Release: 0.12.alpha9.fc21
URL:
Summary: Aggregates RSS/Atom/RDF feeds, imports CSV files and more
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!