lp:ubuntu/karmic/drupal6
- Get this branch:
- bzr branch lp:ubuntu/karmic/drupal6
Branch merges
Branch information
Recent revisions
- 10. By Artur Rona
-
* debian/
patches/ 21_SA-CORE- 2009-008. dpatch:
- Fixed security issues (session fixation),
see SA-CORE-2009-008 (LP: #431080).
* debian/README. source: Added for silence lintian's warning. - 9. By Nico Golde <email address hidden>
-
* Non-maintainer upload by the Security Team.
* Apply upstream patch to fix:
- XSS in the forum module
- Input format access bypass via signatures
- Password leakage via URLs
(no CVE id yet; SA-CORE-2009-007; Closes: #535435). - 8. By Luigi Gangitano
-
[ Luigi Gangitano ]
* New upstream release
- Fixes XSS vulnerability (Ref: SA-CORE-2009-005, CVE-TBD)
(Closes: #526378) - 7. By Luigi Gangitano
-
[ Luigi Gangitano ]
* New upstream release
- This version fixes two Windows-only security issues
(Ref: SA-CORE-2009-003, SA-CORE-2009-004)
Debian is not affected by this vulnerabilites - 6. By Luigi Gangitano
-
[ Luigi Gangitano ]
* New upstream release
- Removed security patch integrate upstream
+ 12_SA-2008-073
+ 13_SA-CORE-2009-001* debian/cron.sh
- Handle sites/all correctly (Closes: #513522) - 5. By Luigi Gangitano
-
[ Luigi Gangitano ]
* Urgency high due to security fixes* debian/
patches/ 13_SA-CORE- 2009-001
- Added upstream patch fixing multiple vulnerabilities
(Ref: SA-CORE-2009-001, CVE-TBD) - 4. By Luigi Gangitano
-
* debian/
patches/ 12_SA-2008- 073
- Moved NMU changes to dpatch file* debian/control
- Added dependency on ${misc:Depends} to make lintian happy* debian/
drupal6. {postinst, postrm}
- Changed apache configuration link name to drupal6.conf, to avoid
collision with drupal5 (Closes: #509769, #505146)
- Set default Postgres encoding to UTF8 (Closes: #508506)* debian/
README. Debian
- Fixed link to installation script (Closes: 507914) - 3. By Patrick Schoenfeld
-
* Non-maintainer upload.
* Urgency high because this fixes a security issue
* Include upstream patch for SA-2008-073, to fix a security issue:
The update system is vulnerable to Cross site request forgeries. Malicious
users may cause the superuser (user 1) to execute old updates that may
damage the database.
(Closes: #508473) - 2. By Luigi Gangitano
-
[ Luigi Gangitano ]
* Urgency high due to security fixes* New upstream release
- Fixes two security vulnerabilities
(Ref: SA-2008-067, CVE-TBA) (Closes: #503222)* debian/
drual6. postrm
- Fixed missing -e option to make lintian happy* debian/
patches/ 10_cronjob. dpatch
- Added patch descritpion to make lintian happy* debian/control
- Bumped Standard-Version to 3.8.0, no change needed* debian/
{control, rules,links}
- Added dependency on libjs-jquery and use jquery.js from it
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/drupal6