Hi releasers,
as suggested by the security team, I've just prepared an upload for drupal6 fixing a minor security issue. Can ou please take a look at the attached patch and authorize upload to s-p-u?
Regards,
L
Inizio messaggio inoltrato:
> Da: Steffen Joeris <steffen.joeris@skolelinux.de>
> Data: 17 gennaio 2010 10.31.47 GMT+01.00
> A: Luigi Gangitano <luigi@debian.org>
> Cc: team@security.debian.org
> Oggetto: Re: CVE-2009-{4369,4370,4371}: drupal6 XSS issues
>
> On Fri, 15 Jan 2010 03:12:35 am Luigi Gangitano wrote:
>> Hi security-team,
>> I've prepared an updated drupal6 for lenny, fixing XSS issues from
>> SA-CORE-2009-009. I've attached a diff.gz and .dsc for drupal6_6.6-3lenny4
>> and can make a complete upload to security-master if needed.
>>
>> The same vulnerabilities are fixed in drupal6_6.15-1 in sid and in testing
>> as soon as the package reaches it.
> Please fix those via stable-proposed-updates (in coordination with the stable
> release team) as they don't warrant a DSA.
--
Luigi Gangitano -- <luigi@debian.org> -- <gangitano@lugroma3.org>
GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26
Attachment:
drupal6_6.6-3lenny4.diff.gz
Description: GNU Zip compressed data
Attachment:
drupal6_6.6-3lenny4.dsc
Description: Binary data