Accepted drupal7 7.14-2+deb7u12 (source all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 28 Feb 2016 11:52:05 -0600
Source: drupal7
Binary: drupal7
Architecture: source all
Version: 7.14-2+deb7u12
Distribution: wheezy-security
Urgency: high
Maintainer: Luigi Gangitano <luigi@debian.org>
Changed-By: Gunnar Wolf <gwolf@debian.org>
Description:
drupal7 - fully-featured content management framework
Changes:
drupal7 (7.14-2+deb7u12) wheezy-security; urgency=high
.
* Backported from 7.43 (plus minor needed bits from 7.36 and 7.30
in modules/file/file.module): SA-CORE-2016-001: Fixes several
security vulnerabilities: File upload access bypass and DoS, brute
force amplification attack via XML-RPC, open redirect via path
manipulation, reflected file download, wrong modes set on some user
accounts setting saves, information disclosure of email addresses.
CVE IDs not yet assigned
Checksums-Sha1:
f86dfd60bd6c046a7ed94b9203a055607a79dd04 1841 drupal7_7.14-2+deb7u12.dsc
c707cd9257699e06b29c11e6fa7a1b17346ad698 203520 drupal7_7.14-2+deb7u12.debian.tar.xz
70ad8eda99b9bccac5f81e7155675e39b3f39b86 2412946 drupal7_7.14-2+deb7u12_all.deb
Checksums-Sha256:
8dd0142374f767712ea6077260c73d932081418c2378426da2f1804249ad3f5c 1841 drupal7_7.14-2+deb7u12.dsc
b552c2d78a26997923025cdacb789ea48525b43973b871b9d97aba25d585bea3 203520 drupal7_7.14-2+deb7u12.debian.tar.xz
71a80cf770d4524efefb379b954ba08521d6e5805bb2b06f9292f1cf1a18e598 2412946 drupal7_7.14-2+deb7u12_all.deb
Files:
65734d4c077a404a5d890237ac94d5da 1841 web extra drupal7_7.14-2+deb7u12.dsc
8bf6d0cbe4b10c273e98100920887e26 203520 web extra drupal7_7.14-2+deb7u12.debian.tar.xz
11f79f7ec6af7cd26e0ea4235033f169 2412946 web extra drupal7_7.14-2+deb7u12_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJW0zeXAAoJEGc6A+TB25IfjmQP/i8UyTc+TSMdK5bjJqA5WTwF
FRG1W4z98CNGtkvWIIn5XEdw5kQ824YS1RouTM5IE1oSsRuaza30M3mVp3f6S/KT
Wrt4yllKH68KhS3g8li4bKucBEx5fGvrMbWNU9feRbmHo0U+rNcUhariIUYJpI/i
wkyoQH29WJgeAvMluGCyMvQTwS7UEvV54V+UsX4R58joEeul5mOxrgMz6FAw8ezq
rkKRQl6tiE000p70e54qKv0SrGcgJB8WM7o7Sf78rz8pP3xJUtop8Fl2NetJTdyS
miK5TIOrfoQIxG/G8NbJO74isqzRajTJhWfyikf0GIlTYZsbFCVSWM9nFRKaXURy
6jQKGIw8b/cyIWr1xM8sTEphoJ2cTkA71QgsSZ5lzYmMB+akdPoHscbsm1taSmiL
J0WHUtF/qYtkulH+EKFfogyZQfmQFQ2+2aYuSnVcpp+EEEbYMF7ScKCvRH6yT/Op
MRGx3IIVotu9RGlY/BeEtI+EqDvP7jQZeJ7kEiXuvz5tIx4Djq60gSKuJkJX6d1t
9Ctijcbr+650+bnMLjoquSKH1yvvYH08YaldMwclFttfdSFVMmcfVjT01mGhl49o
/mhNlh/N2JJXT9RGBgzA9aCeJaDZqM+8/bEWsa3jONr9dNjVs0oWRpaDpB0QS+Ea
bwp9PkxfgqwDD/yoB5zM
=EyKI
-----END PGP SIGNATURE-----
Reply to: