[SECURITY] Fedora 29 Update: drupal7-7.66-1.fc29

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-a06dffab1c 2019-05-09 03:17:19.383627 -------------------------------------------------------------------------------- Name : drupal7 Product : Fedora 29 Version : 7.66 Release : 1.fc29 URL : http://www.drupal.org Summary : An open-source content-management platform Description : Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. -------------------------------------------------------------------------------- Update Information: * https://www.drupal.org/project/drupal/releases/7.66 * https://www.drupal.org/SA-CORE-2019-006 -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 30 2019 Shawn Iwinski <shawn.iwinski(a)gmail.com&gt; - 7.66-1 - Update to 7.66 (RHBZ #1701036, #1702424, #1702425, #1702620, #1702619) - https://www.drupal.org/SA-CORE-2019-006 (CVE-2019-11358) * Wed Mar 20 2019 Shawn Iwinski <shawn.iwinski(a)gmail.com&gt; - 7.65-1 - Update to 7.65 (RHBZ #1691035) - https://www.drupal.org/SA-CORE-2019-004 * Sat Feb 23 2019 Shawn Iwinski <shawn.iwinski(a)gmail.com&gt; - 7.64-1 - Update to 7.64 (RHBZ #1673206) - https://www.drupal.org/SA-CORE-2019-001 - https://www.drupal.org/SA-CORE-2019-002 * Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 7.60-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Sun Oct 28 2018 Shawn Iwinski <shawn.iwinski(a)gmail.com&gt; - 7.60-2 - Explicit python dependencies - Explicit python2 except el5 - See https://koji.fedoraproject.org/koji/buildinfo?buildID=1156502 * Sat Oct 27 2018 Shawn Iwinski <shawn.iwinski(a)gmail.com&gt; - 7.60-1 - Update to 7.60 (RHBZ #1643121 / RHBZ #1643122 / RHBZ #1643124 / SA-CORE-2018-006) - Remove patch drupal-7.14-CVE-2012-2922 (see https://groups.drupal.org/node/230373) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1701972 - CVE-2019-11358 js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection https://bugzilla.redhat.com/show_bug.cgi?id=1701972 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-a06dffab1c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------