Back to drupal PTS page

Accepted drupal 4.5.3-5 (source all)

To: debian-changes@lists.debian.org
Subject: Accepted drupal 4.5.3-5 (source all)
From: Hilko Bengen <bengen@debian.org>
Date: Fri, 27 Jan 2006 02:17:10 -0800
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1F2QfG-0002PV-6u@spohr.debian.org>
Reply-to: debian-devel@lists.debian.org
Sender: Archive Administrator <katie@ftp-master.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 30 Nov 2005 23:23:05 +0100
Source: drupal
Binary: drupal
Architecture: source all
Version: 4.5.3-5
Distribution: stable-security
Urgency: high
Maintainer: Martin Schulze <joey@debian.org>
Changed-By: Hilko Bengen <bengen@debian.org>
Description: 
 drupal     - fully-featured content management/discussion engine
Changes: 
 drupal (4.5.3-5) stable-security; urgency=HIGH
 .
   * Maintainer upload for the Security Team
   * Fixes three security vulnerabilities:
     - DRUPAL-SA-2005-007: Cross-site-scripting vulnerability
     - DRUPAL-SA-2005-008: It was possible to attach files that are able
       to run Javascript under Internet Explorer.
     - DRUPAL-SA-2005-009: It was possible to bypass the 'access user
       profile' permission if the server was running PHP5
Files: 
 55d91c43600aa680ba52b17c717ea8e3 609 web extra drupal_4.5.3-5.dsc
 5349b33da1964a91340d7e98db1fc924 80360 web extra drupal_4.5.3-5.diff.gz
 925cd8f84b2ec34f98663d849816066b 501814 web extra drupal_4.5.3-5_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFD08CYW5ql+IAeqTIRAgAAAKCf/0v0n+D18jyLCh5qUqmL7N8p7wCfcZxT
d9VJmzp2FURExR1ue/V2kBU=
=vOE2
-----END PGP SIGNATURE-----


Accepted:
drupal_4.5.3-5.diff.gz
  to pool/main/d/drupal/drupal_4.5.3-5.diff.gz
drupal_4.5.3-5.dsc
  to pool/main/d/drupal/drupal_4.5.3-5.dsc
drupal_4.5.3-5_all.deb
  to pool/main/d/drupal/drupal_4.5.3-5_all.deb