Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=ef7d93a1a6ba03cb90f3f6662b430c7d7d6764a1
commit ef7d93a1a6ba03cb90f3f6662b430c7d7d6764a1 Author: kikadf <[email protected]> Date: Mon Nov 24 08:53:20 2014 +0100 Add FSA for drupal7 diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml index b707d6b..b62a8f9 100644 --- a/frugalware/xml/security.xml +++ b/frugalware/xml/security.xml @@ -39,6 +39,19 @@ <fsas> <fsa> + <id>939</id> + <date>2014-11-24</date> + <author>kikadf</author> + <package>drupal7</package> + <vulnerable>7.22-2arcturus5</vulnerable> + <unaffected>7.22-2arcturus6</unaffected> + <bts></bts> + <cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9015 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9016</cve> + <desc>Aaron Averill discovered that a specially crafted request can give a user access to another user's session, allowing an attacker to hijack a random session. + Michael Cullum, Javier Nieto and Andres Rojas Guerrero discovered that the password hashing API allows an attacker to send specially crafted requests resulting in CPU and memory exhaustion.</desc> + </fsa> + <fsa> <id>938</id> <date>2014-11-21</date> <author>kikadf</author> _______________________________________________ Frugalware-git mailing list [email protected] http://frugalware.org/mailman/listinfo/frugalware-git
