diff options
| author | rm <rm@FreeBSD.org> | 2012-10-31 05:01:16 +0800 |
|---|---|---|
| committer | rm <rm@FreeBSD.org> | 2012-10-31 05:01:16 +0800 |
| commit | 7bccf368210ee272403ef070cb4266717cd12c65 (patch) | |
| tree | ab0b2f1384d8d7f6029c942fe4232ecfec122789 /security | |
| parent | 6e9c871199df92e15d461b8bbdae64ca380b801a (diff) | |
| download | freebsd-ports-graphics-7bccf368210ee272403ef070cb4266717cd12c65.tar.gz freebsd-ports-graphics-7bccf368210ee272403ef070cb4266717cd12c65.tar.zst freebsd-ports-graphics-7bccf368210ee272403ef070cb4266717cd12c65.zip | |
- update to 7.16 [1]
while here:
- trim Makefile header
- remove indefinite article in COMMENT
- remove IGNORE_WITH_PHP and IGNORE_WITH_PGSQL since
we have not this versions in the tree anymore
- fix pkg-plist
- add vuxml entry
PR: 173211
Submitted by: Rick van der Zwet <info at rickvanderzwet dot nl> [1]
Approved by: Nick Hilliard <nick at foobar dot org> (maintainer)
Security: 2adc3e78-22d1-11e2-b9f0-d0df9acfd7e5
Feature safe: yes
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index e1533bb2fe8..cd2884835a5 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -51,6 +51,46 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="2adc3e78-22d1-11e2-b9f0-d0df9acfd7e5"> + <topic>drupal7 -- multiple vulnerabilities</topic> + <affects> + <package> + <name>drupal7</name> + <range><lt>7.16</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Drupal Security Team reports:</p> + <blockquote cite="http://drupal.org/node/1815912"> + <ol> + <li> + <p>Arbitrary PHP code execution</p> + <p>A bug in the installer code was identified that allows an attacker + to re-install Drupal using an external database server under certain + transient conditions. This could allow the attacker to execute + arbitrary PHP code on the original server.</p> + </li> + <li> + <p>Information disclosure - OpenID module</p> + <p>For sites using the core OpenID module, an information disclosure + vulnerability was identified that allows an attacker to read files + on the local filesystem by attempting to log in to the site using a + malicious OpenID server.</p> + </li> + </ol> + </blockquote> + </body> + </description> + <references> + <url>http://drupal.org/node/1815912</url> + </references> + <dates> + <discovery>2012-10-17</discovery> + <entry>2012-10-31</entry> + </dates> + </vuln> + <vuln vid="6b3b1b97-207c-11e2-a03f-c8600054b392"> <topic>mozilla -- multiple vulnerabilities</topic> <affects> |