FEDORA-2018-c1f73debee

security update in Fedora 26 for drupal7

Status: obsolete

This update fixes multiple security vulnerabilities. Read more details here: https://www.drupal.org/SA-CORE-2018-001

Comments 4

This update has been submitted for testing by pfrields.

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been obsoleted by drupal7-7.58-1.fc26.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#1547793 drupal7-7.57 is available
#1548190 drupal7: drupal: JavaScript cross-site scripting in checkPlain function [fedora-all]
#1548191 drupal7: drupal: JavaScript cross-site scripting in checkPlain function [epel-all]
#1548194 drupal7: drupal: Private file access bypass in Drupal private file system [fedora-all]
#1548198 drupal7: drupal: jQuery vulnerability with untrusted domains requests via Ajax [fedora-all]
#1548202 drupal7: drupal: External link injection on 404 pages when linking to the current page [fedora-all]
#1548326 CVE-2017-6926 CVE-2017-6927 CVE-2017-6928 CVE-2017-6929 CVE-2017-6930 CVE-2017-6931 CVE-2017-6932 drupal7: drupal: Multiple vulnerabilities fixed in 7.57 and 8.4.5 (SA-CORE-2018-001) [fedora-all]
Content Type
RPM
Status
obsolete
Test Gating
Submitted by
Update Type
security
Update Severity
urgent
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 10 months ago
in testing 10 months ago

Related Bugs 7

00 #1547793 drupal7-7.57 is available
00 #1548190 drupal7: drupal: JavaScript cross-site scripting in checkPlain function [fedora-all]
00 #1548191 drupal7: drupal: JavaScript cross-site scripting in checkPlain function [epel-all]
00 #1548194 drupal7: drupal: Private file access bypass in Drupal private file system [fedora-all]
00 #1548198 drupal7: drupal: jQuery vulnerability with untrusted domains requests via Ajax [fedora-all]
00 #1548202 drupal7: drupal: External link injection on 404 pages when linking to the current page [fedora-all]
00 #1548326 CVE-2017-6926 CVE-2017-6927 CVE-2017-6928 CVE-2017-6929 CVE-2017-6930 CVE-2017-6931 CVE-2017-6932 drupal7: drupal: Multiple vulnerabilities fixed in 7.57 and 8.4.5 (SA-CORE-2018-001) [fedora-all]

Automated Test Results