Red Hat Bugzilla – Bug 891582
CVE-2012-5655 drupal6-context, drupal7-context: Improper restriction of access to the block content
Last modified: 2015-08-06 13:33:08 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2012-5655 to the following vulnerability:
The Context module 6.x-3.x before 6.x-3.1 and 7.x-3.x before 7.x-3.0-beta6 for Drupal does not properly restrict access to block content, which allows remote attackers to obtain sensitive information via a crafted request.
This issue affects the versions of the drupal6-context package, as shipped with Fedora release of 17 and with Fedora EPEL 6. Please schedule an update.
This issue affects the versions of the drupal7-context package, as shipped with Fedora release of 16, 17, Fedora EPEL 5, and Fedora EPEL 6. Please schedule an update.
Created drupal6-context tracking bugs for this issue
Affects: fedora-17 [bug 891586]
Affects: epel-6 [bug 891587]
Created drupal7-context tracking bugs for this issue
Affects: fedora-all [bug 891589]
Affects: epel-all [bug 891590]
drupal6-context-3.1-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.
All updates for this are pushed.