[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted drupal 4.5.3-3 (all source)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri,  8 Jul 2005 00:30:37 +0200
Source: drupal
Binary: drupal
Architecture: source all
Version: 4.5.3-3
Distribution: stable-security
Urgency: high
Maintainer: Hilko Bengen <bengen@debian.org>
Changed-By: Hilko Bengen <bengen@debian.org>
Description: 
 drupal     - fully-featured content management/discussion engine
Changes: 
 drupal (4.5.3-3) stable-security; urgency=HIGH
 .
   * Maintainer upload for the Security Team
   * Upstream has announced that two vulnerabilities which are fixed in
     this version:
 .
     - CAN-2005-2116 / DRUPAL-SA-2005-003: Through the bundled xmlrpc
       module, an attacker could execute arbitrary PHP code (see
       http://drupal.org/files/sa-2005-002/advisory.txt).
 .
     - CAN-2005-2106 / DRUPAL-SA-2005-002: Through a flaw in the input
       validation routines, an attacker could execute arbitrary PHP code
       when public comments or postings were allowed (see
       http://drupal.org/files/sa-2005-003/advisory.txt).
Files: 
 0eb3f7233e0c83f4524784381338ddda 609 web extra drupal_4.5.3-3.dsc
 bf093c4c8aca7bba62833ea1df35702f 471540 web extra drupal_4.5.3.orig.tar.gz
 42582f8972fd4adb5d7e08712f80912c 43573 web extra drupal_4.5.3-3.diff.gz
 0af9a174268a7bfb83b523b452076e7b 487404 web extra drupal_4.5.3-3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCzbIYUCgnLz/SlGgRAi1wAKCvd2AUtdbx7VZAk4xd0bX3k4va1wCfVas5
RDwNbui+ItQOrLbgiAuLHG8=
=YUOp
-----END PGP SIGNATURE-----


Accepted:
drupal_4.5.3-3.diff.gz
  to pool/main/d/drupal/drupal_4.5.3-3.diff.gz
drupal_4.5.3-3.dsc
  to pool/main/d/drupal/drupal_4.5.3-3.dsc
drupal_4.5.3-3_all.deb
  to pool/main/d/drupal/drupal_4.5.3-3_all.deb
Reply to: