Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 683820 (CVE-2019-11358)

Summary: <www-apps/drupal-{7.66,8.5.15,8.6.15}: Cross site scripting vulnerability (CVE-2019-11358)
Product: Gentoo Security Reporter: Tupone Alfredo <tupone>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: web-apps
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://www.drupal.org/SA-CORE-2019-006
Whiteboard: B3 [noglsa]
Package list:
Runtime testing required: ---

Description Tupone Alfredo gentoo-dev 2019-04-19 06:49:46 UTC 
Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-006

Reproducible: Always
Comment 1 Larry the Git Cow gentoo-dev 2019-04-22 02:12:45 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d34e0d9b24de1160f4dc263e8982cf37a4bf2c7a

commit d34e0d9b24de1160f4dc263e8982cf37a4bf2c7a
Author:     Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>
AuthorDate: 2019-04-22 02:12:04 +0000
Commit:     Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>
CommitDate: 2019-04-22 02:12:27 +0000

    www-apps/drupal:  Security bump - SA-CORE-2019-006.
    
    Bug: https://bugs.gentoo.org/683820
    Package-Manager: Portage-2.3.63, Repoman-2.3.12
    Signed-off-by: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org>

 www-apps/drupal/Manifest             |  1 +
 www-apps/drupal/drupal-8.5.15.ebuild | 84 ++++++++++++++++++++++++++++++++++++
 2 files changed, 85 insertions(+)
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2019-04-22 02:33:20 UTC 
tree is clean