Fedora 25: Drupal7 Security Advisory for Critical Exploit

Equipped with a powerful blend of features, Drupal is a Content Management

System written in PHP that can support a variety of websites ranging from

personal weblogs to large community-driven websites. Drupal is highly

configurable, skinnable, and secure.

* [7.56](https://www.drupal.org/project/drupal/releases/7.56) * [SA-CORE-2017-003](https://www.drupal.org/SA-CORE-2017-003)

[ 1 ] Bug #1464008 - CVE-2017-6922 drupal7: Files uploaded by anonymous users into a private file system can be accessed by other anonymous users [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1464008

[ 2 ] Bug #1464007 - CVE-2017-6922 drupal7: Files uploaded by anonymous users into a private file system can be accessed by other anonymous users [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1464007

[ 3 ] Bug #1463856 - drupal7-7.56 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1463856

su -c 'dnf upgrade drupal7' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org