commit 226df9b81dda76ab498ff70768e92c4e3e88894e
Author: Miklos Vajna <>
Date:   Sun May 3 13:19:40 2009 +0200

security: typo fix

diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml
index a954a8c..bfbbd55 100644
--- a/frugalware/xml/security.xml
+++ b/frugalware/xml/security.xml
@@ -37,6 +37,20 @@
<desc>See FSA594.</desc>
+               <id>594</id>
+               <date>2009-05-03</date>
+               <author>Miklos Vajna</author>
+               <package>drupal</package>
+               <vulnerable>5.16-1</vulnerable>
+               <unaffected>5.17-1anacreon1</unaffected>
+               <bts></bts>
+               <cve>No CVE, see</cve>
+               <desc>Some vulnerabilities have been reported in Drupal, which 
can be exploited by malicious people to conduct script insertion attacks or to 
disclose potentially sensitive information.
+                       1) User provided input is not properly sanitised before 
being used. This can be exploited to insert arbitrary HTML and script code, 
which will be executed in a user's browser session in context of an affected 
site when the malicious data is viewed and interpreted as UTF-7.
+                       Successful exploitation requires the ability to post 
+                       2) An unspecified error can be exploited to disclose 
information about form submissions when a user is tricked into submitting a 
form after following a specially crafted link to the site. This can further be 
exploited to conduct e.g. cross-site request forgery attacks.</desc>
+       </fsa>
+       <fsa>
<author>Miklos Vajna</author>
Frugalware-git mailing list

Reply via email to