Date: Wed, 27 Mar 2019 21:51:40 +0000 (UTC) From: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r496987 - head/security/vuxml Message-ID: <201903272151.x2RLpe43055113@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: acm Date: Wed Mar 27 21:51:40 2019 New Revision: 496987 URL: https://svnweb.freebsd.org/changeset/ports/496987 Log: - Update 94d63fd7-508b-11e9-9ba0-4c72b94353b5 entry Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Wed Mar 27 21:51:20 2019 (r496986) +++ head/security/vuxml/vuln.xml Wed Mar 27 21:51:40 2019 (r496987) @@ -59,23 +59,28 @@ Notes: --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; <vuln vid="94d63fd7-508b-11e9-9ba0-4c72b94353b5"> - <topic>drupal -- Multiple Vulnerabilities</topic> + <topic>drupal -- Drupal core - Moderately critical - Cross Site Scripting</topic> <affects> <package> <name>drupal7</name> <range><lt>7.65</lt></range> </package> + <package> + <name>drupal8</name> + <range><lt>8.6.13</lt></range> + </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml">; <p>Drupal Security Team reports:</p> - <blockquote cite="https://www.drupal.org/project/drupal/releases/7.65">; + <blockquote cite="https://www.drupal.org/SA-CORE-2019-004">; <p>Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability.</p> </blockquote> </body> </description> <references> + <url>https://www.drupal.org/project/drupal/releases/8.6.13</url>; <url>https://www.drupal.org/project/drupal/releases/7.65</url>; <url>https://www.drupal.org/SA-CORE-2019-004</url>; <cvename>CVE-2019-6341</cvename>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201903272151.x2RLpe43055113>