[Bug 261506] www/drupal9 is out of date, affected by CVE-2021-41184

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 27 Jan 2022 08:20:35 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261506

            Bug ID: 261506
           Summary: www/drupal9 is out of date, affected by CVE-2021-41184
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: acm@FreeBSD.org
          Reporter: tech-lists@zyxst.net
          Assignee: acm@FreeBSD.org
             Flags: maintainer-feedback?(acm@FreeBSD.org)

Hi,

The version of drupal9 in ports is 9.2.10 and is affected by
https://www.drupal.org/sa-core-2022-001
https://nvd.nist.gov/vuln/detail/CVE-2021-41184

fixed in
https://www.drupal.org/project/drupal/releases/9.2.11
https://www.drupal.org/project/drupal/releases/9.3.3

-- 
You are receiving this mail because:
You are the assignee for the bug.