lp:debian/squeeze/drupal6
- Get this branch:
- bzr branch lp:debian/squeeze/drupal6
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 20. By Salvatore Bonaccorso
-
* Non-maintainer upload by the Security Team.
* Imported Upstream version 6.31
- See advisory in https://drupal. org/SA- CORE-2014- 002
- Information disclosure (CVE-2014-2983) - 19. By Salvatore Bonaccorso
-
* Non-maintainer upload by the Security Team.
* Imported Upstream version 6.30
- See advisory in https://drupal. org/SA- CORE-2014- 001
- Impersonation while using OpenID (CVE-2014-1475) - 18. By Mike Gabriel
-
[ Mike Gabriel ]
* Urgency high due to security fixes.
* /debian/control: Add myself to Uploaders: field.* New upstream release.
* Fixes for versions that were uploaded to Debian unstable, but did not reach
squeeze (see earlier changelog entries since 6.18-1squeeze1):
- Fixes Access bypass, Cross Site Request Forgery, Multiple vulnerabilities
(Ref: SA-CORE-2012-001, CVE-2012-0825, CVE-2012-0826, CVE-2012-0827).
* Issues that get fixed by this upload:
- Access bypass (User module search): CVE-2012-5651.
- Access bypass (Upload module): CVE-2012-5652.
- Arbitrary PHP code execution (File upload modules): CVE-2012-5653.
- Cross-site scripting (Various core and contributed modules):
CVE-2013-0244.
- Access bypass (Book module printer friendly version): CVE-2013-0245.
- Access bypass (Image module): CVE-2013-0246.
* Base packaging logic on 6.26-1~bpo60. Compared to last version squeeze
this includes a switch to debhelper and quilt. - 17. By Luigi Gangitano
-
[ Luigi Gangitano ]
* debian/patches/ 21_SA-CORE- 2011-001
- Included upsteam security fix for XSS in color module
(Ref: SA-CORE-2011-001, CVE: TBA)(Closes: #628896) - 16. By Luigi Gangitano
-
[ Luigi Gangitano ]
* Urgency high due to security fixes* New upstream release
- Fixes multiple remote vulnerabilities (Closes: #592716)
(Ref: SA-CORE-2010-002, CVE-TBA)* debian/control
- Bumped Standard-Version to 3.9.1.0, no change needed - 15. By Luigi Gangitano
-
* debian/control
- Removed dependency on exim4, now depends on default-mda (Closes: #587239)
- Bumped Standard-Version to 3.9.0, no change needed* debian/
drupal6. postrm
- Made postrm check for restart.sh in case dependencies were not properly
installed (thanks to Bhavani Shankar.R, from Ubuntu) - 14. By Luigi Gangitano
-
* New upstream release
* debian/cron.sh
- Added --fail option to curl to work around missing base_url in
configuration files (Closes: #561419)* debian/cron.d
- Fixed conditional to avoid warnings on removed package (Closes: #582430) - 13. By Luigi Gangitano
-
[ Luigi Gangitano ]
* Urgency high due to security fixes* New upstream release
- Fixes multiple vulnerabilities (Closes: #572439)
(Ref: SA-CORE-2010-001, CVE-TBA) - 12. By Luigi Gangitano
-
* New upstream release (Closes: #561726)
- Fixes several XSS vulnerabilities (Closes: #562165)
(Ref: SA-CORE-2009-009, CVE-2009-4369, CVE-2009-4370, CVE-2009-4371)* debian/rules
- Use dh_prep instead of dh_clean -k* debian/control
- Upgraded versioned dependency on debhelper to 7* debian/
README. source
- Added directions on source handling - 11. By Luigi Gangitano
-
* New upstream release
- Removed security patches integrate upstream
+ 20_SA-CORE-2009-007
- Fixes multiple vulnerabilities (Ref: SA-CORE-2009-008)
(Closes: #547140)* debian/control
- Bumped Standard-Version to 3.8.3, no change needed* debian/compat
- Switch debhelper compatibility to 7* debian/copyright
- Added reference to copyright file with version
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)