Accepted drupal7 7.14-2+deb7u1~bpo60+1 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 23 Nov 2013 11:37:27 -0600
Source: drupal7
Binary: drupal7
Architecture: source all
Version: 7.14-2+deb7u1~bpo60+1
Distribution: squeeze-backports
Urgency: high
Maintainer: Luigi Gangitano <luigi@debian.org>
Changed-By: Gunnar Wolf <gwolf@debian.org>
Description:
drupal7 - fully-featured content management framework
Changes:
drupal7 (7.14-2+deb7u1~bpo60+1) squeeze-backports; urgency=high
.
* Backported fixes from version 7.24 addresing several security
vulnerabilities (SA-CORE-2013-003), including:
* Multiple vulnerabilities due to optimistic cross-site request forgery
protection (Form API validation) (CVE-2013-6385)
* Multiple vulnerabilities due to weakness in pseudorandom number
generation using mt_rand() (Form API, OpenID and random password
generation - Drupal 6 and 7) (CVE-2013-6386)
* Code execution prevention (Files directory .htaccess for Apache -
(security hardening)
* Access bypass (Security token validation)
Treating as security hardening
* Cross-site scripting (Image module) (CVE-2013-6387).
* Cross-site scripting (Color module) (CVE-2013-6388).
* Open redirect (Overlay module) (CVE-2013-6389).
Checksums-Sha1:
3e7d9ff13d3f624afa71638bb6138cb7b6faf01b 1843 drupal7_7.14-2+deb7u1~bpo60+1.dsc
2de3c03fc6ae8e28a29bdd48b1430826b3f5fa21 212113 drupal7_7.14-2+deb7u1~bpo60+1.debian.tar.gz
eeb4adcf1ace83d4f9d85c68aee683911bcb44e2 3183024 drupal7_7.14-2+deb7u1~bpo60+1_all.deb
Checksums-Sha256:
5b99e532114d11ae05f104df12b5afe7ecfe54194f76c59829afd0dde439c1f3 1843 drupal7_7.14-2+deb7u1~bpo60+1.dsc
fffdc631fd52bf7123e06a05518beb7f116ac46e12d99259d229e9e2507c1886 212113 drupal7_7.14-2+deb7u1~bpo60+1.debian.tar.gz
e100bdff270ada41f302f6938a0bdd14f7438d9ef54f7f0a33b78154e359361a 3183024 drupal7_7.14-2+deb7u1~bpo60+1_all.deb
Files:
6452c1adab38ee5d3af41cb6e26586a5 1843 web extra drupal7_7.14-2+deb7u1~bpo60+1.dsc
a432221d4cb1910f48670a1422c93d16 212113 web extra drupal7_7.14-2+deb7u1~bpo60+1.debian.tar.gz
3abed9b08db80b853ce1cc00c3a01419 3183024 web extra drupal7_7.14-2+deb7u1~bpo60+1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
iQIcBAEBCAAGBQJSlOBZAAoJEGc6A+TB25IfZk0QAJTXdVWuHsmkpw0wRLflwSv0
937J47DN4VpELhRjA9ZtfbiHoeG53Smg9wRmsqJtu6TsyXkMH3XfUMfY7FR5P2lg
aCctKQlTilUqVXl0bPPnh3cwT6zJTvDZxyPOReSoswK6bgnHCe9RG8ew48PbiPLT
1fsEW5AbdzsGBxbABsJnIV/tqgGMhkApcNimZ8XH5+5djo07BEezglx+h0GCLA/y
A0lfzZNsTaGFc3hNPrrEhnn6nnn82nd8Ns74uWFDCLKI+A/Urh0e0K0tbEV4s9Ns
1rgPiB19W2fkDen4hmwEOaXWc5CswgO57goHEgbiDmeTjhOvjVR7B56NHtUH8uaV
H3o8cVFC8R9RNxCMN8ezV2/xYZbgMk8DttijgWMNMN0klZaNxjvVxbvBHA9giB3Z
PsLwN0buf6fQuEb59c7NmHh2WRDKV/Zz+tgckrELpKzqncGz76PAm98WSqfY3raP
W3tMjclyvcd2+B7jV3/dpH9DHxQhR2JGtJRWyNPuVNP2jUG5+1viV93OJrXxxqfd
J0Z9kWj3+yLXbT3jQrIRDZ1Ln9JGWBSgCUj52/0P919LRH29LZkus4xIp/lh1+xU
GsYxq5fCkH5IV6LekKi5TlMQhpHBwxUqY9WfuC5ZwGniTuNN5pSy7CobkIdj0Suz
trxHgTG/AIHj54OFnV8G
=ema1
-----END PGP SIGNATURE-----
Reply to: