Upgrade Your Drupal Skills
We trained 1,000+ Drupal Developers over the last decade.
See Advanced Courses NAH, I know EnoughDrupal core - Critical - Multiple vulnerabilities - SA-CORE-2019-012
Parent Feed:
The Drupal project uses the third-party library Archive_Tar, which has released a security improvement that is needed to protect some Drupal configurations.
Multiple vulnerabilities are possible if Drupal is configured to allow .tar
, .tar.gz
, .bz2
or .tlz
file uploads and processes them.
The latest versions of Drupal update Archive_Tar
to 1.4.9 to mitigate the file processing vulnerabilities.
Edited to clarify the nature of the upstream release.
Original Post:
About Drupal Sun
Drupal Sun is an Evolving Web project. It allows you to:
- Do full-text search on all the articles in Drupal Planet (thanks to Apache Solr)
- Facet based on tags, author, or feed
- Flip through articles quickly (with j/k or arrow keys) to find what you're interested in
- View the entire article text inline, or in the context of the site where it was created
See the blog post at Evolving Web