Alerts This Week
Warning Icon 1 697
Alerts This Week
Warning Icon 1 697

Fedora 27: 2018-143886fdbd Moderate: Drupal7 Cross-Site Scripting

fedora
Calendar Grey April 10, 2018
Dist Fedora Esm H88
Important patch released for Drupal7 on Fedora 27 to resolve several security concerns and vulnerabilities. Ensure your system is protected!
- -

Summary

Equipped with a powerful blend of features, Drupal is a Content Management

System written in PHP that can support a variety of websites ranging from

personal weblogs to large community-driven websites. Drupal is highly

configurable, skinnable, and secure.

- -

[ 1 ] Bug #1548190 - drupal7: drupal: JavaScript cross-site scripting in checkPlain function [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1548190

[ 2 ] Bug #1547793 - drupal7-7.57 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1547793

[ 3 ] Bug #1548324 - CVE-2017-6926 CVE-2017-6927 CVE-2017-6928 CVE-2017-6929 CVE-2017-6930 CVE-2017-6931 CVE-2017-6932 drupal7: drupal: Multiple vulnerabilities fixed in 7.57 and 8.4.5 (SA-CORE-2018-001) [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1548324

[ 4 ] Bug #1548201 - drupal7: drupal: External link injection on 404 pages when linking to the current page [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1548201

[ 5 ] Bug #1548197 - drupal7: drupal: jQuery vulnerability with untrusted domains requests via Ajax [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1548197

[ 6 ] Bug #1548195 - drupal7: drupal: Private file access bypass in Drupal private file system [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1548195

[ 7 ] Bug #1561801 - drupal7-7.58 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1561801

[ 8 ] Bug #1548191 - drupal7: drupal: JavaScript cross-site scripting in checkPlain function [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1548191

[ 9 ] Bug #1548326 - CVE-2017-6926 CVE-2017-6927 CVE-2017-6928 CVE-2017-6929 CVE-2017-6930 CVE-2017-6931 CVE-2017-6932 drupal7: drupal: Multiple vulnerabilities fixed in 7.57 and 8.4.5 (SA-CORE-2018-001) [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1548326

[ 10 ] Bug #1548202 - drupal7: drupal: External link injection on 404 pages when linking to the current page [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1548202

[ 11 ] Bug #1548198 - drupal7: drupal: jQuery vulnerability with untrusted domains requests via Ajax [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1548198

[ 12 ] Bug #1548194 - drupal7: drupal: Private file access bypass in Drupal private file system [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1548194

su -c 'dnf upgrade drupal7' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Topics%20covered

Topics Covered

security advisory moderate security issue fedora software update cross-site scripting drupal7

Change Log

References

Update Instructions

Severity
important
Lowest
Low
Medium
High
Critical

Product: Fedora 27
Version: 7.58
Release: 1.fc27
URL:
Summary: An open-source content-management platform

Topics%20covered

Topics Covered

security advisory moderate security issue fedora software update cross-site scripting drupal7

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here