[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted drupal7 7.32-1+deb8u6 (source all) into proposed-updates->stable-new, proposed-updates

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 28 Feb 2016 11:12:14 -0600
Source: drupal7
Binary: drupal7
Architecture: source all
Version: 7.32-1+deb8u6
Distribution: stable-security
Urgency: high
Maintainer: Luigi Gangitano <luigi@debian.org>
Changed-By: Gunnar Wolf <gwolf@debian.org>
Description:
 drupal7    - fully-featured content management framework
Changes:
 drupal7 (7.32-1+deb8u6) stable-security; urgency=high
 .
   * Backported from 7.43 (plus minor needed bits from 7.36 and 7.30 in
     modules/file/file.module): SA-CORE-2016-001: Fixes several security
     vulnerabilities:
     + File upload access bypass and DoS
     + Brute force amplification attack via XML-RPC
     + Open redirect via path manipulation
     + Reflected file download
     + Wrong modes set on some user accounts setting saves
     + Information disclosure of email addresses
     CVE IDs not yet assigned
Checksums-Sha1:
 e6fbc6933b8b96e8356c9e65e86a9d0f95ed2bea 1897 drupal7_7.32-1+deb8u6.dsc
 f41aed5a72c2f47f8c1f47e4b6e917fa89e5954f 197180 drupal7_7.32-1+deb8u6.debian.tar.xz
 14f690a9810b63f9488715e2c3ddbe9891f5fe21 2475670 drupal7_7.32-1+deb8u6_all.deb
Checksums-Sha256:
 1420029e87e6c4c122a3e67e1f0d6d8f68cb9492550fdb3fb8bb8f9cc5451fef 1897 drupal7_7.32-1+deb8u6.dsc
 301ea738ce016d5c32494afb5d68ffe632840f054fa9770e6ccc45aa4833ad61 197180 drupal7_7.32-1+deb8u6.debian.tar.xz
 6387cf2a469826ec1d564d6875a5c8ea966869e6e74cff7cb0918c560335fd6b 2475670 drupal7_7.32-1+deb8u6_all.deb
Files:
 5c97f44c34798e3e05a34fb2c8eadc37 1897 web extra drupal7_7.32-1+deb8u6.dsc
 9e4d2195b6b499cef381ae801aed72e1 197180 web extra drupal7_7.32-1+deb8u6.debian.tar.xz
 351a6176f1a5c60bc9e9e3ce0180c114 2475670 web extra drupal7_7.32-1+deb8u6_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJW0zeBAAoJEGc6A+TB25IfFFUP/3TS1ds7Zxwm/fdN1EzghbOC
w3BrgUQSCf9kfy14BPsRbF3Ho6JjKGM3sXSAsN2VktG/NRV/EM6AbagkMRUQ2VVK
9ATUWZwwoXv3YpXd8f9mfAPv1Z3BnatkN7GZ1unWcm3NGfoRWD/kzgnnWi4Qhe1r
l0ORIybcCr6sXUrDhD06JKdUT7LooVhdrzNbG/BGu4sfFUJOyLRBhjAC5ZPzq1Xd
WiupX3Aa/IUVs0r9Y8gRaqjkO/kaUI4pyzT9bgnO9V0gQx4BIS5fYVHySs0H3GLG
smPeKt7UQmtMoEEstIw9E+goef7JxXKUgZ7gXPPwbBUzDceS73MFfo2RMW9iPj7A
t57o+6VRgBfYt/Up8EkVNcw141C0GzssI4wSV2OoUVf7G/YQgOfXDjwUvH6xMNZy
F+dnnH8DQzISxDVKggzTojIxQGkHd70TFmmI7664ZN8STrD6TU27+BBmp+WOu3mF
IsGfn1kLczUoy60ir3jgJOoUVD0R7F9Inr5f9E8uPQyW5Yw6i8dii3euaME6trIr
FZU7MV57hVXYcIsJk1HkhED4Goy9LCTaEXKKLGL16F+IZs06XJ8RXoucH6x696US
RTwin/XrmXir518gqDgn9JQyqtbAie1nql//K4gjnYXIinZDflY17n2zPp6ExRif
sn/UWVQ7MCjRq+ZaW+sQ
=Baax
-----END PGP SIGNATURE-----
Reply to: