Accepted drupal6 6.29-1 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 20 Dec 2013 11:43:32 +0100
Source: drupal6
Binary: drupal6
Architecture: source all
Version: 6.29-1
Distribution: oldstable-security
Urgency: high
Maintainer: Luigi Gangitano <luigi@debian.org>
Changed-By: Mike Gabriel <sunweaver@debian.org>
Description:
drupal6 - fully-featured content management framework
Changes:
drupal6 (6.29-1) oldstable-security; urgency=high
.
* New upstream releases.
- Don't perform for validation if CSRF validation has failed:
CVE-2013-6385.
- Stop using mt_rand which produces predictable seeds: CVE-2013-6386.
* Propose hardening Drupal's files folder with a specific .htaccess file (to
prevent arbitrary code execution). Example .htaccess file provided.
* debian/patches/*:
+ Refresh patch files.
Checksums-Sha1:
537dc0e770184ef7f840858d00cfc2f2fa5f10a6 1831 drupal6_6.29-1.dsc
cafe11ee8a7e631b3aedf6f3f90d71ac1a9adac3 1101032 drupal6_6.29.orig.tar.gz
c72d5effadac510834a483a1d142cba70225855a 21732 drupal6_6.29-1.debian.tar.gz
cfd49bedb548d834da7e3b4feacfff9bb4543b2b 1131256 drupal6_6.29-1_all.deb
Checksums-Sha256:
66546a9759fbea587045129561c2f053078d724459588bfaf73b0d4966564f80 1831 drupal6_6.29-1.dsc
49c17082e78ecd37eb218812d3e4d679b61ec24297c5ee079a206cdc6f45b2db 1101032 drupal6_6.29.orig.tar.gz
ff9a22b3fb6b45b0a0c93b94800dbe0f9aef3c4601bc67bd5cb46bc448f7fae2 21732 drupal6_6.29-1.debian.tar.gz
5da0e6e8d4405c5632c0a22cfe3bc2e9dd22943b30b65f9e03ef4b45b5be9c83 1131256 drupal6_6.29-1_all.deb
Files:
7a9e646355af2a5ffdda28292448486f 1831 web extra drupal6_6.29-1.dsc
dd36edf843a68e0a76aee7869d531061 1101032 web extra drupal6_6.29.orig.tar.gz
86ac4e7b834561a1c5c902534b7d6594 21732 web extra drupal6_6.29-1.debian.tar.gz
d2bdbf07020464caaad9310fee11671c 1131256 web extra drupal6_6.29-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJStFilAAoJEJr0azAldxsxANEP/0MNXmhhE2RAwQSbZ+RHRlEk
UR+u2vXVocR8S2QbSI/d2ooE8jm/l9zNJLLbFWvYRRbh2tRG5IdRdXXzy7psufIb
RYVtSmFxzc0fzmlPyO3B7lRKycWLFxKQS9Xxp1KxYdumbh5DTHD8+A2eLZzts2KW
SMI+qliTdZ7CToLdmCtzsvEGlkpCwznjRqnWIaVbi+zPXeJTjX5wISIzDmGIton4
FsA5r9TpesFXPkx314ApjGc+l9eC06lSNYNsTq684yVsdBn0fM56RnhUbieTSSKi
1JU36s9NvEouu63P26un0ai6RlatGmB84AQY8Vdh0aLlCOhCxS9DuG+QfN60DPyX
F4+VPn7PkUNTA9D1v3gwmM23sl251eK9FLSgMDfp3mbPe37GNWoKQ8zPKHSb+09O
7bAtacVwOs59H8+DNH68Z1ij4yHRSGZ55GzPz7d6QkcCAF4CbN2+3KtQszRHNfzh
KmwEv+OwTuiv7l2k/VyuyH28kG4SIrwSP+yIlrW78XOme/JvyrytpAbXiryKnjS9
MjHXcPf1LFsJTM5KPhTAKP+eeCb9Lp7oDHhTCxtXmRblRHLKH95die/bqQovXLty
qxzy3/QePrYgEeQEMdWez5E1JpaX+8dlmFUi5668FcGvW8SHdghHCRXp2lVLKXjo
r9usxtnJ3MDKPaD65P7G
=o/RA
-----END PGP SIGNATURE-----
Reply to: