-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : drupal7 Version : 7.14-2+deb7u18 CVE ID : CVE-2018-7600
Jasper Mattsson found a remote code execution vulnerability in the Drupal content management system. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised. For further information please refer to the official upstream advisory at https://www.drupal.org/sa-core-2018-002. For Debian 7 "Wheezy", these problems have been fixed in version 7.14-2+deb7u18. We recommend that you upgrade your drupal7 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlq8GlFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeT0Pg//d15fKuV4i8aZ0KvYyEIDaWBRPh9lYhfrv3Qc+hB8eAORkukH16fWqsN0 Xn2G4YpbEbW2YIE/M13AnKy97V4VVvVH5XBpbggKIS+HACZuyZ4MeX9ql83WeRhE Jl0dfWiLuWJJD/tcs2ztQSXwZyQBlDLsGjEAneGQRQcf6ERKkzbtV539Dbt12CQ/ +ZI23s5nX1TKDjyyRTy17RQk3FhY1ZarCbfi29VAQ44JXqZl7AsEecgfZIESY13V b9UlJQPw1ga3PsjSfFziJstQ33hZK1V+6tu+BVxSbma+TIstzFtvbhaNEQZWbM2R gO7mLYg98q85fd/VTHYkHBm63BdjE4I//e/yE5nZ8NjrzUWncpMPAwjkifHBr1Yw a3dzGRSUr8STCVZRVOpc/R9DovojCwU8XAEx+ONuCpMj1MBpWmtczwn/TJIJvXyA wa3WDr7q0+Z1OYniXwmAEkcu4m+NYiuvQ5OD7VUpKA5MkOMBzGmIfZhKqAixcNWT bwHGXSFOM02nYX18yOJXM8b17RtfbOsGzzGJH+aqZqQCdxtD8iiykrugERPkDzGj 7kUZ+IxVn6HeG5hbJM5hhcE9TbodRb5T2lFYwhgcX5UkLwVUB1zYJ/2BbHxUJyh6 9argbDhzD+sWEtHE5yuA+Dy+2eMax3DDh7/uCDvtGbsd1tUKQng= =x224 -----END PGP SIGNATURE-----