Debian 10261 Published by

A drupal7 security update has been released for Debian GNU/Linux 8 LTS to address an Open Redirect vulnerability.



DLA 2250-1: drupal7 security update

Package : drupal7
Version : 7.32-1+deb8u18
CVE ID : CVE-2020-13662

Drupal 7 has an Open Redirect vulnerability. For example, a user
could be tricked into visiting a specially crafted link which would
redirect them to an arbitrary external URL.

For Debian 8 "Jessie", this problem has been fixed in version
7.32-1+deb8u18.

We recommend that you upgrade your drupal7 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS