Date: Mon, 16 Apr 2018 07:26:58 +0000 (UTC) From: Jochen Neumeister <joneum@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r467461 - head/security/vuxml Message-ID: <201804160726.w3G7Qw6n026432@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: joneum Date: Mon Apr 16 07:26:58 2018 New Revision: 467461 URL: https://svnweb.freebsd.org/changeset/ports/467461 Log: Document multiple vulnerabilities in www/drupal7 Security: CVE-2018-7600 Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Mon Apr 16 07:22:08 2018 (r467460) +++ head/security/vuxml/vuln.xml Mon Apr 16 07:26:58 2018 (r467461) @@ -58,6 +58,31 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="a9e466e8-4144-11e8-a292-00e04c1ea73d"> + <topic>drupal -- Drupal Core - Multiple Vulnerabilities</topic> + <affects> + <package> + <name>drupal7</name> + <range><lt>7.57</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Drupal Security Team reports:</p> + <blockquote cite="INSERT URL HERE"> + <p>CVE-2018-7600: Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2018-7600</cvename> + </references> + <dates> + <discovery>2018-03-13</discovery> + <entry>2018-04-16</entry> + </dates> + </vuln> + <vuln vid="41c96ffd-29a6-4dcc-9a88-65f5038fa6eb"> <topic>perl -- multiple vulnerabilities</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201804160726.w3G7Qw6n026432>