[ MDVSA-2015:181 ] drupal

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:181
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : drupal
 Date    : March 30, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated drupal packages fix security vulnerabilities:
 
 An information disclosure vulnerability was discovered in Drupal
 before 7.27. When pages are cached for anonymous users, form state
 may leak between anonymous users. Sensitive or private information
 recorded for one anonymous user could thus be disclosed to other
 users interacting with the same form at the same time (CVE-2014-2983).
 
 Multiple security issues in Drupal before 7.29, including a denial
 of service issue, an access bypass issue in the File module, and
 mul

Leave a Reply