Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Fedora 29: 2019-a06dffab1c Critical: Drupal7 Remote Code Execution

fedora
Calendar Grey May 8, 2019
Dist Fedora Esm H88
Important Django 2.2 security advisory for Ubuntu 20.04. Addresses vulnerabilities and strengthens system defenses against potential threats.
* *

Summary

Equipped with a powerful blend of features, Drupal is a Content Management

System written in PHP that can support a variety of websites ranging from

personal weblogs to large community-driven websites. Drupal is highly

configurable, skinnable, and secure.

* *

* Tue Apr 30 2019 Shawn Iwinski - 7.66-1

- Update to 7.66 (RHBZ #1701036, #1702424, #1702425, #1702620, #1702619)

- (CVE-2019-11358)

* Wed Mar 20 2019 Shawn Iwinski - 7.65-1

- Update to 7.65 (RHBZ #1691035)

-

* Sat Feb 23 2019 Shawn Iwinski - 7.64-1

- Update to 7.64 (RHBZ #1673206)

-

-

* Thu Jan 31 2019 Fedora Release Engineering - 7.60-3

- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

* Sun Oct 28 2018 Shawn Iwinski - 7.60-2

- Explicit python dependencies

- Explicit python2 except el5

- See https://koji.fedoraproject.org/koji/buildinfo?buildID=1156502

* Sat Oct 27 2018 Shawn Iwinski - 7.60-1

- Update to 7.60 (RHBZ #1643121 / RHBZ #1643122 / RHBZ #1643124 / SA-CORE-2018-006)

- Remove patch drupal-7.14-CVE-2012-2922 (see )

[ 1 ] Bug #1701972 - CVE-2019-11358 js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection

https://bugzilla.redhat.com/show_bug.cgi?id=1701972

su -c 'dnf upgrade --advisory FEDORA-2019-a06dffab1c' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory denial of service security update fedora critical remote execution drupal7

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 29
Version: 7.66
Release: 1.fc29
URL:
Summary: An open-source content-management platform

Topics%20covered

Topics Covered

security advisory denial of service security update fedora critical remote execution drupal7

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here