This bug was fixed in the package drupal7 - 7.12-1ubuntu0.1 --------------- drupal7 (7.12-1ubuntu0.1) precise-security; urgency=medium
* SECURITY UPDATE: Unauthenticated SQL injection (LP: #1381969) - debian/patches/SA-CORE-2014-005-D7.patch: Fix SQL injection - https://www.drupal.org/files/issues/SA-CORE-2014-005-D7.patch - CVE-2014-3704 -- Gianfranco Costamagna <costamagnagianfra...@yahoo.it> Thu, 16 Oct 2014 11:31:17 +0200 ** Changed in: drupal7 (Ubuntu) Status: New => Fix Released ** Changed in: drupal7 (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1381969 Title: CVE-2014-3704 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/drupal7/+bug/1381969/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs