[Bug 1262813] Re: multiple security issues in drupal7 package

** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-3704 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1262813 Title: multiple security issues in drupal7 package To manage

[Bug 1262813] Re: multiple security issues in drupal7 package

Added CVE-2014-3704 - a highly critical SQL injection vulnerability. See Drupal advisory SA-CORE-2014-005 - Drupal core - SQL injection for full details: https://www.drupal.org/SA-CORE-2014-005 This can be fixed with just one file change to /includes/database/database.inc, but I do think we