Accepted drupal 4.5.3-4 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 16 Aug 2005 13:48:32 +0200
Source: drupal
Binary: drupal
Architecture: source all
Version: 4.5.3-4
Distribution: stable-security
Urgency: high
Maintainer: Hilko Bengen <bengen@debian.org>
Changed-By: Hilko Bengen <bengen@debian.org>
Description:
drupal - fully-featured content management/discussion engine
Changes:
drupal (4.5.3-4) stable-security; urgency=HIGH
.
* Maintainer upload for the Security Team
* Fixes the following XMLRPC vulnerability:
.
CAN-2005-2498 / DRUPAL-SA-2005-004: Through the bundled xmlrpc module,
an attacker could execute arbitrary PHP code on the target site (see
http://drupal.org/files/sa-2005-004/advisory.txt).
.
* includes/xmlrpc.inc and includes/xmlrpcs.inc have been replaced by
new upstream versions from http://phpxmlrpc.sourceforge.net/
* Added copyright statement to documentation.
Files:
eedec6415db7933b2583cd49953a29aa 609 web extra drupal_4.5.3-4.dsc
bf093c4c8aca7bba62833ea1df35702f 471540 web extra drupal_4.5.3.orig.tar.gz
877a0f759e9f3443cbf7075d84a4dc91 70443 web extra drupal_4.5.3-4.diff.gz
0fa1c9826ea5d4528369d418c8bae13b 497672 web extra drupal_4.5.3-4_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDAe6kUCgnLz/SlGgRAnPmAJsEokHsTiSw3kuJ5ciz+WJA282QuwCg4cPF
uqGGnTkMSZKvfMbvFTU9mho=
=WIGQ
-----END PGP SIGNATURE-----
Accepted:
drupal_4.5.3-4.diff.gz
to pool/main/d/drupal/drupal_4.5.3-4.diff.gz
drupal_4.5.3-4.dsc
to pool/main/d/drupal/drupal_4.5.3-4.dsc
drupal_4.5.3-4_all.deb
to pool/main/d/drupal/drupal_4.5.3-4_all.deb