exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 2913-1

Debian Security Advisory 2913-1
Posted Apr 28, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2913-1 - An information disclosure vulnerability was discovered in Drupal, a fully-featured content management framework. When pages are cached for anonymous users, form state may leak between anonymous users. Sensitive or private information recorded for one anonymous user could thus be disclosed to other users interacting with the same form at the same time.

tags | advisory, info disclosure
systems | linux, debian
advisories | CVE-2014-2983
SHA-256 | d394e08c70f78f10ec9cd82c86a33e9f0cbfa6cc31f0ca140dbf37e345337995

Debian Security Advisory 2913-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2913-1 security@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
April 25, 2014 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : drupal7
CVE ID : CVE-2014-2983

An information disclosure vulnerability was discovered in Drupal, a
fully-featured content management framework. When pages are cached for
anonymous users, form state may leak between anonymous users. Sensitive
or private information recorded for one anonymous user could thus be
disclosed to other users interacting with the same form at the same
time.

This security update introduces small API changes, see the upstream
advisory at https://drupal.org/SA-CORE-2014-002 for further information.

For the stable distribution (wheezy), this problem has been fixed in
version 7.14-2+deb7u4.

For the testing distribution (jessie), this problem has been fixed in
version 7.27-1.

For the unstable distribution (sid), this problem has been fixed in
version 7.27-1.

We recommend that you upgrade your drupal7 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJTWsKlAAoJEAVMuPMTQ89EuQQQAIaTKR7e4si6wHYA7IK0jDgE
KuukKyrRhWghAZSLTyvNoRAAGL+Ay9tTj67T5jtNQ5RSpZ9fMgb4Q/GPqpp/Lkr3
tkENeFHlGXszQFyg7JZ1KCc+rvNTncESWC0auad/kGNURdvWgpSvofuyLcobEnPV
Ga6uyVFeFLfUfNZUWOQAA7ujHx4BtGXwEb+snJhyiFYVm8GhBfD0Viwzdn6AqLG9
mTadwarYjLBnvvOO5AInXpqGfGUDYrsv9UfbY1gdZFm2TLWvgj4ZRPPczbclms1f
rXKl4SIsyFOBsPm1nfaZ8equFui+zOZjX63awqWHn1qY3tu0KWVom6RxdKmwrSHx
iGkX/cLbHJFr2HxSgbbnQd4TmhcMm/5gJa103ZvLfMYbhugAGXNaPj+ffi4wtYb9
Z3TAB6LWEfrOUeoFCFLAmSo23JyhFIGHoC58FSEw0LmbePc+zP5vIbyEKAy1FE6I
ia7D/ljfV85aloicbuoWIbdgJztlDx2oj4pYugJF1Xg9R2AQKtmubbJG//j+n3pV
2d1TxQye4hBijxDkdSwKKoezW/1hgplRLeyIVFEb/gwZyoyNQuVJCpr4UBKca+98
YBDjqsiFoLtorXnY0Nmz1i7h6VkR1qr+gT6tBg352wLCU8exLqBl+zBluke6TacX
lYsr0BeDNSniXKQ/VGue
=d/kF
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    0 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    0 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close