[LINK] Drupal for whitehouse.gov

grove at zeta.org.au grove at zeta.org.au
Mon Oct 26 15:53:31 AEDT 2009

On Mon, 26 Oct 2009, stephen at melbpc.org.au wrote:

> Yet the system — known as Drupal — alone won't make it more secure on its
> own, cautioned Ari Schwartz of the Center for Democracy and Technology.
> "The platform that they're moving to is just something to hang other
> things on," he said. "They need to keep up-to-date with the latest
> security patches."

And Drupal just got a whole slew of those.....

ESB-2009.1432 - [Win][UNIX/Linux] Drupal Third Party Modules: Execute arbitrary code/commands - Remote/unauthenticated

ESB-2009.1421 - [Win][UNIX/Linux] Webform (Drupal third-party module): Administrator compromise - Remote with user interaction

ESB-2009.1418.2 - UPDATE [Win][UNIX/Linux] Drupal third-party modules: Multiple vulnerabilities

ESB-2009.1390 - [Win][UNIX/Linux] Shared Sign On (Drupal third-party module): Multiple vulnerabilities

ESB-2009.1299.2 - UPDATE [Win][UNIX/Linux] Drupal third-party modules: Cross-site request forgery - Existing account

ESB-2009.1359.2 - UPDATE [Win][UNIX/Linux] Drupal third-party modules: Multiple vulnerabilities

ESB-2009.1336.2 - UPDATE [Win][UNIX/Linux] Meta tags / Nodewords, Markdown Preview, Devel (Drupal third-party modules):: Multiple vulnerabilities

ESB-2009.1298 - [Win][UNIX/Linux] Drupal core: Cross-site request forgery - Existing account

Rachel Polanskis                 Kingswood, Greater Western Sydney, Australia
grove at zeta.org.au                http://www.zeta.org.au/~grove/grove.html
    "The perversity of the Universe tends towards a maximum." - Finagle's Law

More information about the Link mailing list