lp:ubuntu/lucid-updates/drupal6
- Get this branch:
- bzr branch lp:ubuntu/lucid-updates/drupal6
Branch merges
Branch information
Recent revisions
- 15. By Artur Rona
-
* SECURITY UPDATE: Multiple vulnerabilities and weaknesses
(OpenID authentication bypass, file download access bypass,
comment unpublishing bypass, and actions cross site scripting)
were discovered in Drupal. (LP: #539056)
- debian/patches/ 21_SA-CORE- 2010-002. dpatch
- CVE-2010-3685
- CVE-2010-3686
- SA-CORE-2010-002 - 14. By Luigi Gangitano
-
[ Luigi Gangitano ]
* Urgency high due to security fixes* New upstream release
- Fixes multiple vulnerabilities (Closes: #572439)
(Ref: SA-CORE-2010-001, CVE-TBA) - 13. By Luigi Gangitano
-
* New upstream release (Closes: #561726)
- Fixes several XSS vulnerabilities (Closes: #562165)
(Ref: SA-CORE-2009-009, CVE-2009-4369, CVE-2009-4370, CVE-2009-4371)* debian/rules
- Use dh_prep instead of dh_clean -k* debian/control
- Upgraded versioned dependency on debhelper to 7* debian/
README. source
- Added directions on source handling - 12. By Luigi Gangitano
-
* New upstream release
- Removed security patches integrate upstream
+ 20_SA-CORE-2009-007
- Fixes multiple vulnerabilities (Ref: SA-CORE-2009-008)
(Closes: #547140)* debian/control
- Bumped Standard-Version to 3.8.3, no change needed* debian/compat
- Switch debhelper compatibility to 7* debian/copyright
- Added reference to copyright file with version - 11. By Chuck Short
-
debian/control, debian/
drupal6. postinst: Drop wwwconfig as we get it ready for main. - 10. By Artur Rona
-
* debian/
patches/ 21_SA-CORE- 2009-008. dpatch:
- Fixed security issues (session fixation),
see SA-CORE-2009-008 (LP: #431080).
* debian/README. source: Added for silence lintian's warning. - 9. By Nico Golde <email address hidden>
-
* Non-maintainer upload by the Security Team.
* Apply upstream patch to fix:
- XSS in the forum module
- Input format access bypass via signatures
- Password leakage via URLs
(no CVE id yet; SA-CORE-2009-007; Closes: #535435). - 8. By Luigi Gangitano
-
[ Luigi Gangitano ]
* New upstream release
- Fixes XSS vulnerability (Ref: SA-CORE-2009-005, CVE-TBD)
(Closes: #526378) - 7. By Luigi Gangitano
-
[ Luigi Gangitano ]
* New upstream release
- This version fixes two Windows-only security issues
(Ref: SA-CORE-2009-003, SA-CORE-2009-004)
Debian is not affected by this vulnerabilites - 6. By Luigi Gangitano
-
[ Luigi Gangitano ]
* New upstream release
- Removed security patch integrate upstream
+ 12_SA-2008-073
+ 13_SA-CORE-2009-001* debian/cron.sh
- Handle sites/all correctly (Closes: #513522)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/natty/drupal6