-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4706-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 18, 2020 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : drupal7 CVE ID : CVE-2020-13663 It was discovered that Drupal, a fully-featured content management framework, was suspectible to cross site request forgery. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2020-004 For the oldstable distribution (stretch), this problem has been fixed in version 7.52-2+deb9u11. We recommend that you upgrade your drupal7 packages. For the detailed security status of drupal7 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/drupal7 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl7rzVUACgkQEMKTtsN8 TjaXqxAAmamAJvolHFUDrfp2f25ByMFBc0yR22Ycp2EuRwwdgzxnDqFTi1OaaOx1 BUWVX31Is12Oi1wcOtHjfR0vINlM28QGr50k4mdWA+dw7ibNDybfex0wZ2tSYUgL /YEjM5G4WdlERxd8muX2s/FGvPUR+jCv9hbV07nENf8icygNo3y41OqFnQLUNF/u ruhULa8p2xWewfaS1d8u0LAxiPvj/gUJPdlPHQ3p2lEfX3dh1EjWIXxRvx+/aVHQ j4D/dYhEjIwWoTjt5xO86VWh/hKzjQVUoCv7pBBgLQLijr6zZx95sWfkJ/tbIyGo ZjFu+zyJGvSQzlZkj0QIxoMSrc6suORihYRzpdC6bfT/ec7+lrmhHPEG7HYZQJhH j83L2ClJVkGGS4qq/Wv4x5PLwNCrPH4PkjzFzpX8wPZcTMgvKUmWUpTqmjPyFSNT nam1Gzea3rTPmdaNKQ5VksTizh20rZIWB8c3FMh9aIx0FXBIXhmX6vm2PNbZLAhV LKKc+V7gwA/ZuCVtGcJMSUHU3RL67jWfouFKGonTPAeE5sFWQp4q+cnO/K+oZxe8 33xmQ82lzzb7Fw3A4GSGejZz1eXN0MTp3xkwqzCXCoqumEMavwAeeT7xAHSTc9t1 ip/9lPmB8/T/gUys3Jif6NLuINkd2Yz4+4wS2Q5cC7I+IzAURnU= =Pmwi -----END PGP SIGNATURE-----