[LTER-im] Fwd: [ctsc-announce-sw-l] Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2016-001
Mark Servilla
servilla at lternet.edu
Thu Feb 25 08:36:55 MST 2016
FYI...
---
Mark Servilla, Ph.D.
LTER Network Office
Department of Biology
MSC 03 2020
1 University of New Mexico
Albuquerque, NM 87131-0001
servilla at LTERnet.edu
(505) 750-3226
---------- Forwarded message ----------
From: Basney, Jim <jbasney at illinois.edu>
Date: Thu, Feb 25, 2016 at 8:32 AM
Subject: [ctsc-announce-sw-l] Drupal Core - Critical - Multiple
Vulnerabilities - SA-CORE-2016-001
To: CTSC Software Developers Announcement List <
ctsc-announce-sw-l at list.indiana.edu>, CTSC Infrastructure Operators
Announce List <ctsc-announce-inf-l at list.indiana.edu>
CI Operators and Software Developers:
Drupal has released updates to address multiple vulnerabilities in the
Drupal content management software. Exploitation of some of these
vulnerabilities may allow a remote attacker to take control of an affected
website.
Available updates include:
Drupal core 6.38 for 6.x users
Drupal core 7.43 for 7.x users
Drupal core 8.0.4 for 8.0.x users
For more information:
https://www.drupal.org/SA-CORE-2016-001
https://www.us-cert.gov/ncas/current-activity/2016/02/24/Drupal-Releases-Security-Updates
How CTSC can help:
The potential impact of any vulnerability, and therefore the appropriate
response, depends in part on operational conditions that are unique to each
cyberinfrastructure deployment. CTSC can not provide a one-size-fits-all
severity rating and response recommendation for all NSF
cyberinfrastructure. Please contact us (http://trustedci.org/help/) if you
need assistance with assessing the potential impact of this vulnerability
in your environment and/or you have additional information about this issue
that should be shared with the community.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lternet.edu/pipermail/im/attachments/20160225/48ad7707/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 7158 bytes
Desc: not available
URL: <http://lists.lternet.edu/pipermail/im/attachments/20160225/48ad7707/attachment.bin>
More information about the im
mailing list