[ros-web] Fwd: [hm] Actualizar drupal 7

Javier Agustìn Fernàndez Arroyo elhoir at gmail.com
Fri Jul 22 13:26:14 UTC 2016


i think ReactOS uses Drupal, does it?

This may be useful for web devs......

---------- Forwarded message ----------
From: ale <a at 414c45.net>
Date: Wed, Jul 13, 2016 at 2:30 PM
Subject: [hm] Actualizar drupal 7
To: "hackmeeting at listas.sindominio.net" <hackmeeting at listas.sindominio.net>

Hola familia!
Quería avisar a mantenedores y mantenedoras de drupales 7.x que hoy va a
haber un despliegue importante de módulos para hacer frente a una
vulnerabilidad nueva bastante crítica que permite la ejecución de código
remoto. Se espera que cuando se publique empiecen a salir exploits como
setas. Será hoy a las 16 UTC.

Message: 1
Date: Tue, 12 Jul 2016 17:37:55 +0000 (UTC)
From: security-news at drupal.org
To: security-news at drupal.org
Subject: [Security-news] Drupal contrib - Highly Critical - Remote
        code    execution PSA-2016-001
Message-ID: <mailman.738.1468348810.103656.security-news at drupal.org>
Content-Type: text/plain; charset=UTF-8; format=flowed; delsp=yes

View online: https://www.drupal.org/node/2764899

   * Advisory ID: DRUPAL-PSA-2016-001
   * Project: Drupal contributed modules
   * Version: 7.x
   * Date: 2016-July-12
   * Security risk: 22/25 ( Highly Critical)
     AC:None/A:None/CI:All/II:All/E:Theoretical/TD:All [1]
   * Vulnerability: Arbitrary PHP code execution


There will be multiple releases of Drupal contributed modules on Wednesday
July 13th 2016 16:00 UTC that will fix highly critical remote code execution
vulnerabilities (risk scores up to 22/25 [2]). The Drupal Security Team
you to reserve time for module updates at that time because exploits are
expected to be developed within hours/days. Release announcements will
at the standard announcement locations. [3]

Drupal core is not affected. Not all sites will be affected. You should
review the published advisories on July 13th 2016 to see if any modules you
use are affected.

The Drupal security team can be reached at security at drupal.org or via the
contact form at https://www.drupal.org/contact [4].

Learn more about the Drupal Security team and their policies [5], writing
secure code for Drupal [6], and  securing your site [7].

Follow the Drupal Security Team on Twitter at
https://twitter.com/drupalsecurity [8]
ale [414c45.net · wwb.cc · @414c45]

HackMeeting mailing list
HackMeeting at listas.sindominio.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.reactos.org/pipermail/ros-web/attachments/20160722/9ff6e016/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 853 bytes
Desc: not available
URL: <http://www.reactos.org/pipermail/ros-web/attachments/20160722/9ff6e016/attachment.sig>

More information about the Ros-web mailing list