8.x allows infected files to be uploaded in TCP/IP mode. [#2806843]

When using TCP/IP mode with 8.x-1.x-dev, infected files are checked but the results are not reported in the API.
This allows infected files to be uploaded.

Do not use TCP/IP mode until this issue is fixed.

Note that this issue is publicly reported without a security notification, as 8.x-1.x is currently a dev release and has never had a full release.

Comments

Comment #1

26 September 2016 at 20:56

manarth created an issue. See original summary.

Comment #2

manarth commented 26 September 2016 at 20:57

Issue summary:

View changes

Comment #3

manarth commented 28 September 2016 at 18:34

Status:

Needs work

» Fixed

Fixed in commit: 2f3300c31284164727d44c365618f5889695eaee

Comment #4

28 September 2016 at 18:34

manarth committed 2f3300c on 8.x-1.x

Issue #2806843: 8.x allows infected files to be uploaded in TCP/IP mode

Comment #5

12 October 2016 at 18:34

Status:

Fixed

» Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

8.x allows infected files to be uploaded in TCP/IP mode.

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Comment #5

News items

Our community

Documentation

Drupal code base

Governance of community