Drupal core - Critical - Multiple vulnerabilities - SA-CORE-2019-012 Reproducible: Always
Drupal issued four security announcements yesterday: Drupal core - Critical - Multiple vulnerabilities - SA-CORE-2019-012 https://www.drupal.org/sa-core-2019-012 Fixed on: =drupal-7.69 =drupal-8.7.11 =drupal-8.8.1 Drupal core - Moderately critical - Denial of Service - SA-CORE-2019-009 Fixed on: =drupal-8.7.11 =drupal-8.8.1 Drupal core - Moderately critical - Multiple vulnerabilities - SA-CORE-2019-010 https://www.drupal.org/sa-core-2019-010 Fixed on: =drupal-8.7.11 =drupal-8.8.1 Drupal core - Moderately critical - Access bypass - SA-CORE-2019-011 https://www.drupal.org/sa-core-2019-011 Fixed on: =drupal-8.7.11 =drupal-8.8.1
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e3606a83d638488f83ca481fee71f7bc420f18cf commit e3606a83d638488f83ca481fee71f7bc420f18cf Author: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> AuthorDate: 2019-12-19 13:52:19 +0000 Commit: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> CommitDate: 2019-12-19 13:54:50 +0000 www-apps/drupal: Security updates (SA-CORE-2019-0{09,10,11,12}). Security bump to releases 7.69, 8.7.11 and 8.8.1. Bug: https://bugs.gentoo.org/703332 Package-Manager: Portage-2.3.81, Repoman-2.3.20 Signed-off-by: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> www-apps/drupal/Manifest | 3 ++ www-apps/drupal/drupal-7.69.ebuild | 58 ++++++++++++++++++++++++++++++ www-apps/drupal/drupal-8.7.11.ebuild | 68 ++++++++++++++++++++++++++++++++++++ www-apps/drupal/drupal-8.8.1.ebuild | 68 ++++++++++++++++++++++++++++++++++++ 4 files changed, 197 insertions(+)
Tree is clean.
(In reply to Sam James (sam_c) (security padawan) from comment #3) > Tree is clean.
