0
Release Version: 7.x-44
ADOA-ASET will be applying updates to all Agency Platform Websites according to the following schedule:
Environment | Date | Time | status |
---|---|---|---|
DEV | June 21, 2016 | After 3pm | Completed |
TEST | June 22, 2016 | Approximately 7am | Completed |
LIVE | June 23, 2016 | After 5pm | Not started |
- Service interruption is not expected.
- Please contact the ADOA Service Desk if you have any questions or concerns
Updates Include:
Title | Version | Notes |
---|---|---|
Drupal Core | Drupal 7.44 | Drupal Core - Moderately Critical - Multiple Vulnerabilities - SA-CORE-2016-002 - Saving user accounts can sometimes grant the user all roles (User module - Drupal 7 - Moderately Critical). This issue is mitigated by the fact that it requires contributed or custom code that performs a form rebuild during submission of the user profile form. |
Views Module | 7.x-3.14 | Views - Less Critical - Access Bypass - SA-CONTRIB-2016-036 - An access bypass vulnerability exists in the Views module, where users without the "View content count" permission can see the number of hits collected by the Statistics module for results in the view. This issue is mitigated by the fact that the view must be configured to show a "Content statistics" field, such as "Total views", "Views today" or "Last visit". |