Debian Long Term Support / LTS Security Information / 2022 / Security Information -- DLA-2925-1 drupal7

Debian Security Advisory

DLA-2925-1 drupal7 -- LTS security update

Date Reported:

16 Feb 2022

Affected Packages:

drupal7

Vulnerable:

Yes

Security database references:

No other external database security references currently available.

More information:

This security updates includes two fixes, backported respectively from Drupal version 7.87 and 7.88:

- Fix a regression caused by Query ui position() backport in version 7.86 (backported as 7.52-2+deb9u17): was not checking for possible undefined value in options

- Fix improper input validation in Drupal's form API

Drupal is a dynamic web site platform which allows an individual or community of users to publish, manage and organize a variety of content.

--+PsIA3X1y1N/ZpZZ Content-Type: application/pgp-signature; name="signature.asc"