drupal-6.8-2AXS3
エラータID: AXSA:2009-68:02
Drupal is a free software package that allows an individual or a community of users to easily publish, manage and organize a wide variety of content on a website.
Fixed bugs:
CVE-2009-1844
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x before 5.18 and 6.x before 6.12 allow (1) remote authenticated users to inject arbitrary web script or HTML via crafted UTF-8 byte sequences that are treated as UTF-7 by Internet Explorer 6 and 7, which are not properly handled in the HTML exports of books feature; and (2) allow remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via the help text of an arbitrary vocabulary.
NOTE: vector 1 exists because of an incomplete fix for CVE-2009-1575.
Update packages
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x before 5.18 and 6.x before 6.12 allow (1) remote authenticated users to inject arbitrary web script or HTML via crafted UTF-8 byte sequences that are treated as UTF-7 by Internet Explorer 6 and 7, which are not properly handled in the "HTML exports of books" feature; and (2) allow remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via the help text of an arbitrary vocabulary. NOTE: vector 1 exists because of an incomplete fix for CVE-2009-1575.
N/A
SRPMS
- drupal-6.8-2AXS3.src.rpm
MD5: 176488ee1ce96ddf27162bd39ac5d569
SHA-256: 5e0861f0d900e2a7778ab7fc5325b8f71ec8cb9fa710440f600236e48875cf6f
Size: 1.88 MB
Asianux Server 3 for x86
- drupal-6.8-2AXS3.noarch.rpm
MD5: b5574f2cdb475104e9ca212b53fb6e6c
SHA-256: 20a98086f70d765edf22913b05de4c0091ff5867ba7eb13aab1ef40d343ea3a5
Size: 1.97 MB
Asianux Server 3 for x86_64
- drupal-6.8-2AXS3.noarch.rpm
MD5: 626c33b400d8a911d667f285be8eef93
SHA-256: e7c346d5059b497312a2bb07b9fb599931cb907b5c9424a68d0a6062c18aa9f7
Size: 1.97 MB
日本語