Bug 227054 - www/drupal7: Version bump needed for exploit SA-CORE-2018-002
Summary: www/drupal7: Version bump needed for exploit SA-CORE-2018-002
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Jochen Neumeister
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-03-28 21:56 UTC by Brent Busby
Modified: 2018-04-19 06:39 UTC (History)
5 users (show)

See Also:

Attachments
Bump to 7.58 (907 bytes, patch)
2018-04-14 13:01 UTC, Rick van der Zwet 		info: maintainer-approval? (joneum)
 Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Brent Busby 2018-03-28 21:56:29 UTC 
Critical exploit announced here:
https://www.drupal.org/sa-core-2018-002

Fixed in Drupal 7.58
Comment 1 Rick van der Zwet 2018-04-14 13:01:40 UTC 
Created attachment 192511 [details]
Bump to 7.58

The security team is now aware of automated attacks attempting to compromise Drupal 7 and 8 websites using the vulnerability reported in SA-CORE-2018-002. Due to this, the security team is increasing the security risk score of that issue to 24/25

https://www.drupal.org/psa-2018-002
Comment 2 commit-hook freebsd_committer freebsd_triage 2018-04-16 21:55:41 UTC 
A commit references this bug:

Author: joneum
Date: Mon Apr 16 21:54:51 UTC 2018
New revision: 467540
URL: https://svnweb.freebsd.org/changeset/ports/467540

Log:
  www/drupal7: Update to 7.58

  Changelog: https://www.drupal.org/project/drupal/releases/7.58

  PR:		227054
  Reported by:	Brent Busby <brent@jfi.uchicago.edu>
  MFH:		2018Q2
  Security:	a9e466e8-4144-11e8-a292-00e04c1ea73d

Changes:
  head/www/drupal7/Makefile
  head/www/drupal7/distinfo
  head/www/drupal7/pkg-plist
Comment 3 commit-hook freebsd_committer freebsd_triage 2018-04-19 06:39:42 UTC 
A commit references this bug:

Author: joneum
Date: Thu Apr 19 06:38:59 UTC 2018
New revision: 467749
URL: https://svnweb.freebsd.org/changeset/ports/467749

Log:
  MFH: r467540

  www/drupal7: Update to 7.58

  Changelog: https://www.drupal.org/project/drupal/releases/7.58

  PR:		227054
  Reported by:	Brent Busby <brent@jfi.uchicago.edu>
  Security:	a9e466e8-4144-11e8-a292-00e04c1ea73d

  Approved by:	ports-secteam (riggs)

Changes:
_U  branches/2018Q2/
  branches/2018Q2/www/drupal7/Makefile
  branches/2018Q2/www/drupal7/distinfo
  branches/2018Q2/www/drupal7/pkg-plist