commit 4830666230dfb65272ea7d9f4424a88beeacccac
Author: Miklos Vajna <>
Date:   Sun Aug 22 22:29:22 2010 +0200


diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml
index f6b58e3..1227c12 100644
--- a/frugalware/xml/security.xml
+++ b/frugalware/xml/security.xml
@@ -26,6 +26,18 @@

+               <id>690</id>
+               <date>2010-08-22</date>
+               <author>Miklos Vajna</author>
+               <package>drupal6-cck</package>
+               <vulnerable>6.x_2.7-1locris1</vulnerable>
+               <unaffected>6.x_2.8-1locris1</unaffected>
+               <bts></bts>
+               <cve>No CVE, see</cve>
+               <desc>A vulnerability has been reported in the Drupal Content 
Construction Kit (CCK), which can be exploited by malicious users to disclose 
sensitive information.
+                       The vulnerability is caused due to the CCK "Node 
Reference" not properly validating field access levels on the source field of 
the backend URL, which can be exploited to view node titles and IDs of 
otherwise restricted nodes.</desc>
+       </fsa>
+       <fsa>
<author>Miklos Vajna</author>
Frugalware-git mailing list

Reply via email to