Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 648552 (CVE-2017-6926, CVE-2017-6927, CVE-2017-6928, CVE-2017-6929, CVE-2017-6930, CVE-2017-6931, CVE-2017-6932)

Summary: <www-apps/drupal-{7.57,8.4.5}: Multiple vulnerabilities
Product: Gentoo Security Reporter: Tupone Alfredo <tupone>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: web-apps
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://www.drupal.org/SA-CORE-2018-001
Whiteboard: ~4 [noglsa cve]
Package list:
Runtime testing required: ---

Description Tupone Alfredo gentoo-dev 2018-02-22 20:17:24 UTC
Update www-apps/drupal to 8.4.5 and 7.57 


Reproducible: Always
Comment 1 Larry the Git Cow gentoo-dev 2018-02-24 14:51:06 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/dev/jmbsvicetto.git/commit/?id=d4cac0f99aa71d0ae62961f1c608516633f7c572

commit d4cac0f99aa71d0ae62961f1c608516633f7c572
Author:     Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>
AuthorDate: 2018-02-24 14:49:37 +0000
Commit:     Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>
CommitDate: 2018-02-24 14:49:37 +0000

    www-apps/drupal: Security bump to releases 7.57 and 8.4.5 - SA-CORE-2018-001.
    Bug: https://bugs.gentoo.org/648552
    
    Signed-off-by: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>

 www-apps/drupal/Manifest            |  6 ++-
 www-apps/drupal/drupal-7.57.ebuild  | 74 +++++++++++++++++++++++++++++++
 www-apps/drupal/drupal-8.4.5.ebuild | 86 +++++++++++++++++++++++++++++++++++++
 3 files changed, 164 insertions(+), 2 deletions(-)}
Comment 2 Larry the Git Cow gentoo-dev 2018-02-24 15:22:23 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cc90a8bb43083bdab14a9ee0ef95709a7f2f2975

commit cc90a8bb43083bdab14a9ee0ef95709a7f2f2975
Author:     Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>
AuthorDate: 2018-02-24 15:20:37 +0000
Commit:     Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>
CommitDate: 2018-02-24 15:22:09 +0000

    www-apps/drupal: Security bump to releases 7.57 and 8.4.5 - SA-CORE-2018-001.
    Bug: https://bugs.gentoo.org/648552
    Package-Manager: Portage-2.3.19, Repoman-2.3.6

 www-apps/drupal/Manifest            |  2 +
 www-apps/drupal/drupal-7.57.ebuild  | 74 +++++++++++++++++++++++++++++++
 www-apps/drupal/drupal-8.4.5.ebuild | 86 +++++++++++++++++++++++++++++++++++++
 3 files changed, 162 insertions(+)}
Comment 3 Larry the Git Cow gentoo-dev 2018-02-24 15:28:35 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=56818cfb1170e19a64ffb7dd5dcc0eb72364706c

commit 56818cfb1170e19a64ffb7dd5dcc0eb72364706c
Author:     Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>
AuthorDate: 2018-02-24 15:28:21 +0000
Commit:     Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>
CommitDate: 2018-02-24 15:28:21 +0000

    www-apps/drupal: Drop old vulnerable versions.
    Bug: https://bugs.gentoo.org/648552
    Package-Manager: Portage-2.3.19, Repoman-2.3.6

 www-apps/drupal/Manifest            |  3 --
 www-apps/drupal/drupal-7.56.ebuild  | 74 -------------------------------
 www-apps/drupal/drupal-8.3.7.ebuild | 86 -------------------------------------
 www-apps/drupal/drupal-8.4.2.ebuild | 86 -------------------------------------
 4 files changed, 249 deletions(-)}
Comment 4 Larry the Git Cow gentoo-dev 2018-02-24 15:33:25 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/dev/jmbsvicetto.git/commit/?id=556235639228939e5153a3430ce6afe7fe674e8e

commit 556235639228939e5153a3430ce6afe7fe674e8e
Author:     Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>
AuthorDate: 2018-02-24 15:32:41 +0000
Commit:     Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>
CommitDate: 2018-02-24 15:32:41 +0000

    www-apps/drupal: Drop old vulnerable versions.HEADmaster
    Bug: https://bugs.gentoo.org/648552
    
    Signed-off-by: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>

 www-apps/drupal/Manifest            |  3 --
 www-apps/drupal/drupal-7.56.ebuild  | 74 -------------------------------
 www-apps/drupal/drupal-8.3.7.ebuild | 86 -------------------------------------
 www-apps/drupal/drupal-8.4.4.ebuild | 86 -------------------------------------
 4 files changed, 249 deletions(-)}