Fedora 15 : drupal7-7.6-1.fc15 (2011-9845)

Remember to log in as the admin user prior to RPM upgrade to perform DB upgrade. - Advisory ID: DRUPAL-SA-CORE-2011-003 - Project: Drupal core 1 - Version: 7.x - Date: 2011-July-27 - Security risk: Less critical 2 - Exploitable from: Remote - Vulnerability: Access bypass -------- DESCRIPTION Note...

SA-CORE-2011-003 - Drupal core - Access bypass

CVE: CVE-2011-2726 Access bypass in private file fields on comments. Drupal 7 contains two new features: the ability to attach File upload fields to any entity type in the system and the ability to point individual File upload fields to the private file directory. If a Drupal site is using these...