Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=e68204b728e60c70dd78c8592b673acb11673a1a
commit e68204b728e60c70dd78c8592b673acb11673a1a Author: Miklos Vajna <[email protected]> Date: Sat Jul 30 23:48:13 2011 +0200 FSA733-drupal7 diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml index 6dbfeee..5c5cc7e 100644 --- a/frugalware/xml/security.xml +++ b/frugalware/xml/security.xml @@ -26,6 +26,18 @@ <fsas> <fsa> + <id>733</id> + <date>2011-07-30</date> + <author>Miklos Vajna</author> + <package>drupal7</package> + <vulnerable>7.4-1nexon1</vulnerable> + <unaffected>7.7-1nexon1</unaffected> + <bts>http://bugs.frugalware.org/task/4538</bts> + <cve>No CVE references, see http://drupal.org/node/1231510</cve> + <desc>A vulnerability has been reported in Drupal, which can be exploited by malicious users to bypass certain security restrictions. + The vulnerability is caused due to the application not properly restricting access to files attached to a comment when access to the comment is restricted, which can be exploited to e.g. download the files.</desc> + </fsa> + <fsa> <id>732</id> <date>2011-07-27</date> <author>Miklos Vajna</author> _______________________________________________ Frugalware-git mailing list [email protected] http://frugalware.org/mailman/listinfo/frugalware-git
