Debian
drupal7 package

lp:debian/drupal7

Sid (98)
sid

Created by James Westby on 2011-06-29 and last modified on 2015-06-18

Get this branch:: bzr branch lp:debian/drupal7

Members of Ubuntu branches can upload to this branch. Log in for directions.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Status:: Development

Recent revisions

35. By Gunnar Wolf on 2015-06-18: * Set myself as the maintainer, Luigi as an uploader (to more reliably
get bug notifications)
* New upstream version
* Fixes a security vulnerability (SA-CORE-2015-003) that can lead to
cross site scripting, access bypass, SQL injection, open redirect.
34. By Gunnar Wolf on 2015-06-17: * New upstream version
* Removed patches covering the differences since 7.32, as the freeze and
  release are done.
* Several vulnerabilities fixed: SA-CORE-2015-002
  + Impersonation (OpenID module - Drupal 6 and 7): CVE-2015-3234
  + Open redirect (Field UI module - Drupal 7): CVE-2015-3232
  + Open redirect (Overlay module - Drupal 7: CVE-2015-3233
  + Information disclosure (Render cache system - Drupal 7): CVE-2015-3231
33. By Gunnar Wolf on 2015-03-19: Added missing DEP3 headers to SA-CORE-2015-001 patch
32. By Gunnar Wolf on 2015-03-18: Backported from 7.35: SA-CORE-2015-001 (Access bypass on password
reset URLs; Open redirect)
31. By Gunnar Wolf on 2014-10-15: * Updated the VCS URL in debian/control as git.debian.org is deprecated
* Debian has frozen! We will start backporting the important fixes to
7.32
* Backported from 7.34: SA-CORE-2014-006 (Session hijacking CVE-2014-
9015, Denial of service CVE-2014-9016)
* Several minor reliability fixes backported from 7.33
30. By Gunnar Wolf on 2014-10-15: * New upstream release
* Fixes highly critical security risk CVE-2014-3704; SA-CORE-2014-005
(SQL injection)
* Standards-version 3.9.5 → 3.9.6 (no changes needed)
29. By Gunnar Wolf on 2014-08-06: * New upstream release
* Fixes SA-CORE-2014-004 (XML-RPC endpoint vulnerable to an XML entity
expansion attack and other related attacks which can lead to a DoS:
CPU and memory exhaustion, DB resource starvation)
* This is the "Congratulations to Octavio and Claudia" upload.
28. By Gunnar Wolf on 2014-07-28: New upstream release
27. By Gunnar Wolf on 2014-07-17: * New upstream release
* Fixes SA-CORE-2014-003 (Denial of service; access bypass; 2×cross-
site scripting) (Closes: #755038)
* Setting urgency as high due to the security issues this release closes.
* Add a build-dependency on yui-compressor and actually build the
minified JS files excluded from the package. (Closes: #750666)
* Added lintian overrides for shipped sources, specific JS version
26. By Gunnar Wolf on 2014-05-29: * New upstream release
* Dropped patch "fix_ajax_regression" - incorporated upstream
* Added support for SQLite installs (Closes: #712991)

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

This branch contains Public information

Everyone can see this information.

Subscribers

Ubuntu branches

Debiandrupal7 package