subject:"Bug#928688\: drupal7\: Insecure deserialization on bundled third\-party library \"Phar Stream Wrapper\" \(SA\-CORE\-2019\-007\)"

Bug#928688: drupal7: Insecure deserialization on bundled third-party library "Phar Stream Wrapper" (SA-CORE-2019-007)

2019-05-09 Thread Salvatore Bonaccorso

Control: retitle -1 drupal7: Insecure deserialization on bundled third-party library "Phar Stream Wrapper" (SA-CORE-2019-007) (CVE-2019-11831) On Wed, May 08, 2019 at 04:13:30PM -0500, Gunnar Wolf wrote: > Package: drupal7 > Version: 7.52-2+deb9u8 > Severity: grave > Tags: security upstream >

Bug#928688: drupal7: Insecure deserialization on bundled third-party library "Phar Stream Wrapper" (SA-CORE-2019-007)

2019-05-08 Thread Gunnar Wolf

Package: drupal7 Version: 7.52-2+deb9u8 Severity: grave Tags: security upstream Justification: user security hole Drupal security advisory SA-CORE-2019-007 was issued today: https://www.drupal.org/SA-CORE-2019-007 It refers to the following advisory in a bundled third-party library: