See blocker and vendor advisory at $URL for details, fixed versions are 9.0.9, 8.9.10, 8.8.12, and 7.75. Please bump, thanks!
ping!
Ping
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/dev/jmbsvicetto.git/commit/?id=8a9daaf9c614939057ec987e146babc5e6501c50 commit 8a9daaf9c614939057ec987e146babc5e6501c50 Author: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> AuthorDate: 2021-01-11 17:47:16 +0000 Commit: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> CommitDate: 2021-01-11 17:47:16 +0000 www-apps/drupal: Security bump CVE-2020-{28948,28949} Update to the latest releases to address the security issue and get up to date releases. Add 7.77, 8.8.12, 8.9.12, 9.0.01 and 9.1.2 releases. Bug: https://bugs.gentoo.org/757252 Signed-off-by: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> www-apps/drupal/Manifest | 5 +++ www-apps/drupal/drupal-7.77.ebuild | 58 ++++++++++++++++++++++++++++++ www-apps/drupal/drupal-8.8.12.ebuild | 68 ++++++++++++++++++++++++++++++++++++ www-apps/drupal/drupal-8.9.12.ebuild | 68 ++++++++++++++++++++++++++++++++++++ www-apps/drupal/drupal-9.0.10.ebuild | 68 ++++++++++++++++++++++++++++++++++++ www-apps/drupal/drupal-9.1.2.ebuild | 68 ++++++++++++++++++++++++++++++++++++ 6 files changed, 335 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e392d33c2816799e327eadd14d01b1700b5fadb3 commit e392d33c2816799e327eadd14d01b1700b5fadb3 Author: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> AuthorDate: 2021-01-11 21:04:22 +0000 Commit: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> CommitDate: 2021-01-11 21:05:52 +0000 www-apps/drupal: Security bump CVE-2020-{28948,28949} Update to the latest releases to address the security issue and get up to date releases. Add 7.77, 8.8.12, 8.9.12, 9.0.01 and 9.1.2 releases. Drop vulnerable releases. Bug: https://bugs.gentoo.org/757252 Package-Manager: Portage-3.0.11, Repoman-3.0.2 Signed-off-by: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> www-apps/drupal/Manifest | 9 +-- .../{drupal-7.74.ebuild => drupal-7.77.ebuild} | 2 +- .../{drupal-8.8.11.ebuild => drupal-8.8.12.ebuild} | 2 +- .../{drupal-8.9.9.ebuild => drupal-8.9.12.ebuild} | 2 +- .../{drupal-9.0.8.ebuild => drupal-9.0.10.ebuild} | 2 +- www-apps/drupal/drupal-9.1.2.ebuild | 68 ++++++++++++++++++++++ 6 files changed, 77 insertions(+), 8 deletions(-)
Apologies for the delay, but I'm still recreating my development environment for web applications.
(In reply to Jorge Manuel B. S. Vicetto from comment #6) > Apologies for the delay, but I'm still recreating my development environment > for web applications. Fortunately from here it's quick ;) Tree is clean, noglsa, all done.