[Git][security-tracker-team/security-tracker][master] drupal DSA
Moritz Muehlenhoff
jmm at debian.org
Thu Oct 18 21:57:46 BST 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
96a9005a by Moritz Muehlenhoff at 2018-10-18T20:56:53Z
drupal DSA
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -42,10 +42,12 @@ CVE-2018-18462
RESERVED
CVE-2018-XXXX [Injection in DefaultMailSystem::mail()]
- drupal7 <removed> (bug #911337)
+ [stretch] - drupal7 7.52-2+deb9u5
NOTE: https://www.drupal.org/sa-core-2018-006
NOTE: http://cgit.drupalcode.org/drupal/commit/?id=ee301cf5ebff3534b59fcece583b3a0e4f094f15
CVE-2018-XXXX [External URL injection through URL aliases]
- drupal7 <removed> (bug #911336)
+ [stretch] - drupal7 7.52-2+deb9u5
NOTE: https://www.drupal.org/sa-core-2018-006
NOTE: http://cgit.drupalcode.org/drupal/commit/?id=ee301cf5ebff3534b59fcece583b3a0e4f094f15
CVE-2018-18461 (The Arigato Autoresponder and Newsletter (aka bft-autoresponder) ...)
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,5 @@
+[18 Oct 2018] DSA-4323-1 drupal7 - security update
+ [stretch] - drupal7 7.52-2+deb9u5
[17 Oct 2018] DSA-4322-1 libssh - security update
{CVE-2018-10933}
[stretch] - libssh 0.7.3-2+deb9u1
=====================================
data/dsa-needed.txt
=====================================
@@ -17,9 +17,6 @@ If needed, specify the release by adding a slash after the name of the source pa
--
ceph
--
-drupal7
- gwolf prepared update
---
ghostscript (carnil)
Regression update: #909076, possibly #909929 (but see upstream issue),
and #909957
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/96a9005a8788703fde0baf5d8b9b572222809412
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/96a9005a8788703fde0baf5d8b9b572222809412
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181018/db9e8736/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list