Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 681172 (CVE-2019-6341)

Summary: <www-apps/drupal-{7.65,8.5.14,8.6.13}: Cross site scripting vulnerability (CVE-2019-6341)
Product: Gentoo Security Reporter: Tupone Alfredo <tupone>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial CC: web-apps
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://www.drupal.org/SA-CORE-2019-004
Whiteboard: ~4 [noglsa]
Package list:
Runtime testing required: ---

Description Tupone Alfredo gentoo-dev 2019-03-21 17:12:24 UTC 
Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-004

Reproducible: Always
Comment 1 Larry the Git Cow gentoo-dev 2019-03-22 19:51:38 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/dev/jmbsvicetto.git/commit/?id=4cc3f9ae8da1a5d81e19da3fe7c446233262a15b

commit 4cc3f9ae8da1a5d81e19da3fe7c446233262a15b
Author:     Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>
AuthorDate: 2019-03-22 19:48:12 +0000
Commit:     Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>
CommitDate: 2019-03-22 19:48:12 +0000

    www-apps/drupal: Security bump (SA-CORE-2019-004).
    Bug: http://bugs.gentoo.org/681172
    
    Signed-off-by: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>

 www-apps/drupal/Manifest             |  3 ++
 www-apps/drupal/drupal-7.65.ebuild   | 74 +++++++++++++++++++++++++++++++
 www-apps/drupal/drupal-8.5.14.ebuild | 84 ++++++++++++++++++++++++++++++++++++
 www-apps/drupal/drupal-8.6.13.ebuild | 84 ++++++++++++++++++++++++++++++++++++
 4 files changed, 245 insertions(+)
Comment 2 Larry the Git Cow gentoo-dev 2019-03-22 19:59:24 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=590cf40620a816764d180ce87699490babdf56f1

commit 590cf40620a816764d180ce87699490babdf56f1
Author:     Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>
AuthorDate: 2019-03-22 19:57:11 +0000
Commit:     Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>
CommitDate: 2019-03-22 19:59:09 +0000

    www-apps/drupal: Security bump (SA-CORE-2019-004).
    
    Bug: http://bugs.gentoo.org/681172
    Package-Manager: Portage-2.3.62, Repoman-2.3.12
    Signed-off-by: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>

 www-apps/drupal/Manifest             |  3 ++
 www-apps/drupal/drupal-7.65.ebuild   | 74 +++++++++++++++++++++++++++++++
 www-apps/drupal/drupal-8.5.14.ebuild | 84 ++++++++++++++++++++++++++++++++++++
 www-apps/drupal/drupal-8.6.13.ebuild | 84 ++++++++++++++++++++++++++++++++++++
 4 files changed, 245 insertions(+)
Comment 3 Aaron Bauman (RETIRED) gentoo-dev 2019-03-22 20:03:39 UTC 
tree is clean