Updated drupal packages fix security vulnerabilities
Publication date: 08 Jul 2016Type: security
Affected Mageia releases : 5
Description
Updated drupal packages fix security vulnerability: A vulnerability exists in the User module, where if some specific contributed or custom code triggers a rebuild of the user profile form, a registered user can be granted all user roles on the site. This would typically result in the user gaining administrative access (SA-CORE-2016-002).
References
SRPMS
5/core
- drupal-7.44-1.mga5