Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 233478 (CVE-2008-3222) - www-apps/drupal < 5.9: session fixation (CVE-2008-3222)
Summary: www-apps/drupal < 5.9: session fixation (CVE-2008-3222)
Status: RESOLVED FIXED
Alias: CVE-2008-3222
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://drupal.org/node/286417
Whiteboard: ~3 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2008-07-31 13:41 UTC by Hanno Böck
Modified: 2008-07-31 23:41 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Hanno Böck gentoo-dev 2008-07-31 13:41:04 UTC 
The fix for CVE-2008-3222 in 5.8 was missing, so drupal issued 5.9.
Comment 1 Gunnar Wrobel (RETIRED) gentoo-dev 2008-07-31 20:41:14 UTC 
Bumped to 5.9, removed 5.8. Unstable on all archs. webapps done.
Comment 2 Pierre-Yves Rofes (RETIRED) gentoo-dev 2008-07-31 21:02:29 UTC 
thanks, closing without glsa.