Hi releasers, as suggested by the security team, I've just prepared an upload for drupal6 fixing a minor security issue. Can ou please take a look at the attached patch and authorize upload to s-p-u? Regards, L Inizio messaggio inoltrato: > Da: Steffen Joeris <steffen.joeris@skolelinux.de> > Data: 17 gennaio 2010 10.31.47 GMT+01.00 > A: Luigi Gangitano <luigi@debian.org> > Cc: team@security.debian.org > Oggetto: Re: CVE-2009-{4369,4370,4371}: drupal6 XSS issues > > On Fri, 15 Jan 2010 03:12:35 am Luigi Gangitano wrote: >> Hi security-team, >> I've prepared an updated drupal6 for lenny, fixing XSS issues from >> SA-CORE-2009-009. I've attached a diff.gz and .dsc for drupal6_6.6-3lenny4 >> and can make a complete upload to security-master if needed. >> >> The same vulnerabilities are fixed in drupal6_6.15-1 in sid and in testing >> as soon as the package reaches it. > Please fix those via stable-proposed-updates (in coordination with the stable > release team) as they don't warrant a DSA. -- Luigi Gangitano -- <luigi@debian.org> -- <gangitano@lugroma3.org> GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26
Attachment:
drupal6_6.6-3lenny4.diff.gz
Description: GNU Zip compressed data
Attachment:
drupal6_6.6-3lenny4.dsc
Description: Binary data