/
From: Code for Libraries [CODE4LIB@LISTSERV.ND.EDU javascript:;] on
behalf of Lin, Kun [l...@cua.edu javascript:;]
Sent: Friday, October 31, 2014 2:10 PM
To: CODE4LIB@LISTSERV.ND.EDU javascript:;
Subject: Re: [CODE4LIB] Terrible Drupal vulnerability
I
: Friday, October 31, 2014 2:10 PM
To: CODE4LIB@LISTSERV.ND.EDU javascript:;
Subject: Re: [CODE4LIB] Terrible Drupal vulnerability
I think so. However, Cloudflare in their blog post claim they have
develop
a way to block the attack immediately when the vulnerability was
announced
Sent: Friday, October 31, 2014 1:44 PM
To: CODE4LIB@LISTSERV.ND.EDU javascript:;
Subject: Re: [CODE4LIB] Terrible Drupal vulnerability
The vulnerability was discovered in the course of an audit by
SektionEins,
a German security firm, and immediately reported to the Drupal Security
Team
: [CODE4LIB] Terrible Drupal vulnerability
I think so. However, Cloudflare in their blog post claim they have
develop
a way to block the attack immediately when the vulnerability was
announced.
Whether or not they know the exploit ahead of time or not, it would be
good
to know someone is watching out
:;]
Sent: Friday, October 31, 2014 2:10 PM
To: CODE4LIB@LISTSERV.ND.EDU javascript:;
Subject: Re: [CODE4LIB] Terrible Drupal vulnerability
I think so. However, Cloudflare in their blog post claim they have develop
a way to block the attack immediately when the vulnerability was announced
This is what I posted to the Drupal4Lib list:
By now, you should have seen https://www.drupal.org/PSA-2014-003 and heard
about the Drupageddon exploits. and you may be wondering if you were
vulnerable or iff you were hit by this, how you can tell and what you
should do.
@LISTSERV.ND.EDU] On Behalf Of Cary
Gordon
Sent: Friday, October 31, 2014 9:59 AM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Terrible Drupal vulnerability
This is what I posted to the Drupal4Lib list:
By now, you should have seen https://www.drupal.org/PSA-2014-003 and heard
] Terrible Drupal vulnerability
This is what I posted to the Drupal4Lib list:
By now, you should have seen https://www.drupal.org/PSA-2014-003 and
heard about the Drupageddon exploits. and you may be wondering if you
were vulnerable or iff you were hit by this, how you
] On Behalf Of Cary
Gordon
Sent: Friday, October 31, 2014 11:10 AM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Terrible Drupal vulnerability
How do they receive vulnerability report ahead of general public? From whom?
Cary
On Friday, October 31, 2014, Lin, Kun l...@cua.edu wrote
-Original Message-
From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Cary
Gordon
Sent: Friday, October 31, 2014 11:10 AM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Terrible Drupal vulnerability
How do they receive vulnerability report ahead
for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of
Cary Gordon
Sent: Friday, October 31, 2014 11:10 AM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Terrible Drupal vulnerability
How do they receive vulnerability report ahead of general public? From
whom?
Cary
, October 31, 2014 11:10 AM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Terrible Drupal vulnerability
How do they receive vulnerability report ahead of general public? From whom?
Cary
On Friday, October 31, 2014, Lin, Kun l...@cua.edu wrote:
If you are using drupal as main
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Terrible Drupal vulnerability
The vulnerability was discovered in the course of an audit by SektionEins, a
German security firm, and immediately reported to the Drupal Security Team.
Because this was a pretty obscure vulnerability with no reported
Via lwn.net, I came across https://www.drupal.org/PSA-2014-003 and my heart
sank:
Automated attacks began compromising Drupal 7 websites that were not
patched or updated to Drupal 7.32 within hours of the announcement of
SA-CORE-2014-005
- https://www.drupal.org/SA-CORE-2014-005Drupal
14 matches
Mail list logo