rt to (we don't!)
> > >
> > >
> > >
> > > Andy Hickner
> > > Web Services Librarian
> > > Yale University
> > > Cushing/Whitney Medical Library
> > > http://library.medicine.yale.edu/
> > >
> > > ___
ne there are
> a
> >>> lot of libraries running Drupal though who don't have this kind of
> option
> >>> and might not have pre-October 15 backups to revert to (we don't!)
> >>>
> >>>
> >>>
> >>> Andy Hickner
>
t;>> Web Services Librarian
>>> Yale University
>>> Cushing/Whitney Medical Library
>>> http://library.medicine.yale.edu/
>>>
>>>
>>> From: Code for Libraries [CODE4LIB@LISTSERV.ND.EDU ] on
>>
!)
> >
> >
> >
> > Andy Hickner
> > Web Services Librarian
> > Yale University
> > Cushing/Whitney Medical Library
> > http://library.medicine.yale.edu/
> >
> >
> > From: Code for Libraries [CODE4LIB@LISTS
> behalf of Lin, Kun [l...@cua.edu ]
> Sent: Friday, October 31, 2014 2:10 PM
> To: CODE4LIB@LISTSERV.ND.EDU
> Subject: Re: [CODE4LIB] Terrible Drupal vulnerability
>
> I think so. However, Cloudflare in their blog post claim they have develop
> a way to block the attack imme
n behalf of Lin, Kun
[l...@cua.edu]
Sent: Friday, October 31, 2014 2:10 PM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Terrible Drupal vulnerability
I think so. However, Cloudflare in their blog post claim they have develop a
way to block the attack immediately when the vulnerabilit
PM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Terrible Drupal vulnerability
The vulnerability was discovered in the course of an audit by SektionEins, a
German security firm, and immediately reported to the Drupal Security Team.
Because this was a pretty obscure vulnerability with no rep
t; -Joe
>
>
>
>> -Original Message-
>> From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Cary
>> Gordon
>> Sent: Friday, October 31, 2014 11:10 AM
>> To: CODE4LIB@LISTSERV.ND.EDU
>> Subject: Re: [CODE4LIB] Terrible Drupal
e *general*
> public',
> which was Kun's assertion.
>
> -Joe
>
>
>
> > -Original Message-
> > From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of
> Cary Gordon
> > Sent: Friday, October 31, 2014 11:10 AM
> > To: CODE
eral* public',
which was Kun's assertion.
-Joe
> -Original Message-
> From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Cary
> Gordon
> Sent: Friday, October 31, 2014 11:10 AM
> To: CODE4LIB@LISTSERV.ND.EDU
> Subject: Re: [CODE4LIB]
D.EDU] On Behalf Of Cary
Gordon
Sent: Friday, October 31, 2014 11:10 AM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Terrible Drupal vulnerability
How do they receive vulnerability report ahead of general public? From whom?
Cary
On Friday, October 31, 2014, Lin, Kun wrote:
> If you a
d
> they usually receive vulnerability report ahead of general public.
>
> Kun
>
> -Original Message-
> From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU ]
> On Behalf Of Cary Gordon
> Sent: Friday, October 31, 2014 9:59 AM
> To: CODE4LIB@LISTSERV.ND.EDU
o:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Cary
Gordon
Sent: Friday, October 31, 2014 9:59 AM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Terrible Drupal vulnerability
This is what I posted to the Drupal4Lib list:
By now, you should have seen https://www.drupal.org/PSA-2014-003
This is what I posted to the Drupal4Lib list:
By now, you should have seen https://www.drupal.org/PSA-2014-003 and heard
about the "Drupageddon" exploits. and you may be wondering if you were
vulnerable or iff you were hit by this, how you can tell and what you
should do. Dru
14 matches
Mail list logo
