Looks like tomorrow will be a fun day… | Elmer's Development Blog

Hide threads | Keyboard Shortcuts

Elmer Masters 9:16 pm on July 12, 2016 Permalink
Tags: Drupal ( 39 ), security ( 4 )

Looks like tomorrow will be a fun day for Drupal admins.

> From: security-news@drupal.org
> Date: July 12, 2016 at 12:37:55 PM CDT
> To: security-news@drupal.org
> Subject: [Security-news] Drupal contrib – Highly Critical – Remote code execution PSA-2016-001
> Reply-To: noreply@drupal.org
>
> View online: https://www.drupal.org/node/2764899
>
> * Advisory ID: DRUPAL-PSA-2016-001
> * Project: Drupal contributed modules
> * Version: 7.x
> * Date: 2016-July-12
> * Security risk: 22/25 ( Highly Critical)
> AC:None/A:None/CI:All/II:All/E:Theoretical/TD:All [1]
> * Vulnerability: Arbitrary PHP code execution
>
> ——– DESCRIPTION
> ———————————————————
>
> There will be multiple releases of Drupal contributed modules on Wednesday
> July 13th 2016 16:00 UTC that will fix highly critical remote code execution
> vulnerabilities (risk scores up to 22/25 [2]). The Drupal Security Team urges
> you to reserve time for module updates at that time because exploits are
> expected to be developed within hours/days. Release announcements will appear
> at the standard announcement locations. [3]
>
> Drupal core is not affected. Not all sites will be affected. You should
> review the published advisories on July 13th 2016 to see if any modules you
> use are affected.
> ——– CONTACT AND MORE INFORMATION
> —————————————-
>
> The Drupal security team can be reached at security at drupal.org or via the
> contact form at https://www.drupal.org/contact [4].
>
> Learn more about the Drupal Security team and their policies [5], writing
> secure code for Drupal [6], and securing your site [7].
>
> Follow the Drupal Security Team on Twitter at
> https://twitter.com/drupalsecurity [8]
>
>
> [1] https://www.drupal.org/security-team/risk-levels
> [2] https://www.drupal.org/security-team/risk-levels
> [3] https://www.drupal.org/security/contrib
> [4] https://www.drupal.org/contact
> [5] https://www.drupal.org/security-team
> [6] https://www.drupal.org/writing-secure-code
> [7] https://www.drupal.org/security/secure-configuration
> [8] https://twitter.com/drupalsecurity
>
> _______________________________________________
> Security-news mailing list
> Security-news@drupal.org
> Unsubscribe at https://lists.drupal.org/mailman/listinfo/security-news

Elmer's Development Blog

Recent Posts

Archives

Meta

Elmer Masters 9:16 pm on July 12, 2016 Permalink
Tags: Drupal ( 39 ), security ( 4 )

Elmer's Development Blog

Tags

Recent Posts

Archives

Meta

Elmer Masters 9:16 pm on July 12, 2016 Permalink Tags: Drupal ( 39 ), security ( 4 )

Elmer Masters 9:16 pm on July 12, 2016 Permalink
Tags: Drupal ( 39 ), security ( 4 )