Bug 227054 - www/drupal7: Version bump needed for exploit SA-CORE-2018-002
Summary: www/drupal7: Version bump needed for exploit SA-CORE-2018-002
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Jochen Neumeister
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-03-28 21:56 UTC by Brent Busby
Modified: 2018-04-19 06:39 UTC (History)
5 users (show)

See Also:


Attachments
Bump to 7.58 (907 bytes, patch)
2018-04-14 13:01 UTC, info
info: maintainer-approval? (joneum)
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Brent Busby 2018-03-28 21:56:29 UTC
Critical exploit announced here:
https://www.drupal.org/sa-core-2018-002

Fixed in Drupal 7.58
Comment 1 info 2018-04-14 13:01:40 UTC
Created attachment 192511 [details]
Bump to 7.58

The security team is now aware of automated attacks attempting to compromise Drupal 7 and 8 websites using the vulnerability reported in SA-CORE-2018-002. Due to this, the security team is increasing the security risk score of that issue to 24/25

https://www.drupal.org/psa-2018-002
Comment 2 commit-hook freebsd_committer 2018-04-16 21:55:41 UTC
A commit references this bug:

Author: joneum
Date: Mon Apr 16 21:54:51 UTC 2018
New revision: 467540
URL: https://svnweb.freebsd.org/changeset/ports/467540

Log:
  www/drupal7: Update to 7.58

  Changelog: https://www.drupal.org/project/drupal/releases/7.58

  PR:		227054
  Reported by:	Brent Busby <brent@jfi.uchicago.edu>
  MFH:		2018Q2
  Security:	a9e466e8-4144-11e8-a292-00e04c1ea73d

Changes:
  head/www/drupal7/Makefile
  head/www/drupal7/distinfo
  head/www/drupal7/pkg-plist
Comment 3 commit-hook freebsd_committer 2018-04-19 06:39:42 UTC
A commit references this bug:

Author: joneum
Date: Thu Apr 19 06:38:59 UTC 2018
New revision: 467749
URL: https://svnweb.freebsd.org/changeset/ports/467749

Log:
  MFH: r467540

  www/drupal7: Update to 7.58

  Changelog: https://www.drupal.org/project/drupal/releases/7.58

  PR:		227054
  Reported by:	Brent Busby <brent@jfi.uchicago.edu>
  Security:	a9e466e8-4144-11e8-a292-00e04c1ea73d

  Approved by:	ports-secteam (riggs)

Changes:
_U  branches/2018Q2/
  branches/2018Q2/www/drupal7/Makefile
  branches/2018Q2/www/drupal7/distinfo
  branches/2018Q2/www/drupal7/pkg-plist