Solve the security vulnerability

Created on 1 March 2024, over 1 year ago

`composer audit` marks `drupal/faq` as having 1 security vulnerability since 2019.

🐛 Bug report
Status

Active

Version

1.2

Component

Code

Created by

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @sboden
  • 🇹🇷Turkey orkut murat yılmaz Istanbul

    This is the output of the audit command:

    composer audit
    Found 1 security vulnerability advisory affecting 1 package:
    +-------------------+----------------------------------------------------------------------------------+
    | Package           | drupal/faq                                                                       |
    | Severity          |                                                                                  |
    | CVE               | NO CVE                                                                           |
    | Title             | Frequently Asked Questions - Critical - Unsupported - SA-CONTRIB-2019-077        |
    | URL               | https://www.drupal.org/sa-contrib-2019-077                                       |
    | Affected versions | *                                                                                |
    | Reported at       | 2019-11-13T18:00:36+00:00                                                        |
    | Advisory ID       | SA-CONTRIB-2019-077                                                              |
    +-------------------+----------------------------------------------------------------------------------+
  • 🇺🇸United States benjifisher Boston area

    I updated https://www.drupal.org/sa-contrib-2019-077 . That should fix the problem. (I am a member of the Security Team, so I have permission to edit security advisories.)

    Maintainers: please credit

    • sboden, for reporting the issue
    • orkut murat yılmaz, for providing detail
    • Luke Stewart, for bringing this issue to my attention
    • drumm, for advising on how to resolve it
  • 🇺🇸United States benjifisher Boston area
  • 🇳🇿New Zealand luke.stewart

    Can confirm that running composer audit no longer results in the advisory showing (on a site with 8.x-1.2 installed)

  • 🇹🇷Turkey orkut murat yılmaz Istanbul

    I can also confirm that too. Thank you @benjifisher :)

Production build 0.71.5 2024