Ubuntu
drupal6 package

lp:ubuntu/lucid-updates/drupal6

  1. Lucid (10.04)
  2. lucid-updates
Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/lucid-updates/drupal6
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

15. By Artur Rona

* SECURITY UPDATE: Multiple vulnerabilities and weaknesses
  (OpenID authentication bypass, file download access bypass,
  comment unpublishing bypass, and actions cross site scripting)
  were discovered in Drupal. (LP: #539056)
  - debian/patches/21_SA-CORE-2010-002.dpatch
  - CVE-2010-3685
  - CVE-2010-3686
  - SA-CORE-2010-002

14. By Luigi Gangitano

[ Luigi Gangitano ]
* Urgency high due to security fixes

* New upstream release
  - Fixes multiple vulnerabilities (Closes: #572439)
    (Ref: SA-CORE-2010-001, CVE-TBA)

13. By Luigi Gangitano

* New upstream release (Closes: #561726)
  - Fixes several XSS vulnerabilities (Closes: #562165)
    (Ref: SA-CORE-2009-009, CVE-2009-4369, CVE-2009-4370, CVE-2009-4371)

* debian/rules
  - Use dh_prep instead of dh_clean -k

* debian/control
  - Upgraded versioned dependency on debhelper to 7

* debian/README.source
  - Added directions on source handling

12. By Luigi Gangitano

* New upstream release
  - Removed security patches integrate upstream
    + 20_SA-CORE-2009-007
  - Fixes multiple vulnerabilities (Ref: SA-CORE-2009-008)
    (Closes: #547140)

* debian/control
  - Bumped Standard-Version to 3.8.3, no change needed

* debian/compat
  - Switch debhelper compatibility to 7

* debian/copyright
  - Added reference to copyright file with version

11. By Chuck Short

debian/control, debian/drupal6.postinst: Drop wwwconfig as we get it ready for main.

10. By Artur Rona

* debian/patches/21_SA-CORE-2009-008.dpatch:
  - Fixed security issues (session fixation),
    see SA-CORE-2009-008 (LP: #431080).
* debian/README.source: Added for silence lintian's warning.

9. By Nico Golde <email address hidden>

* Non-maintainer upload by the Security Team.
* Apply upstream patch to fix:
  - XSS in the forum module
  - Input format access bypass via signatures
  - Password leakage via URLs
  (no CVE id yet; SA-CORE-2009-007; Closes: #535435).

8. By Luigi Gangitano

[ Luigi Gangitano ]
* New upstream release
  - Fixes XSS vulnerability (Ref: SA-CORE-2009-005, CVE-TBD)
    (Closes: #526378)

7. By Luigi Gangitano

[ Luigi Gangitano ]
* New upstream release
  - This version fixes two Windows-only security issues
    (Ref: SA-CORE-2009-003, SA-CORE-2009-004)
    Debian is not affected by this vulnerabilites

6. By Luigi Gangitano

[ Luigi Gangitano ]
* New upstream release
  - Removed security patch integrate upstream
    + 12_SA-2008-073
    + 13_SA-CORE-2009-001

* debian/cron.sh
  - Handle sites/all correctly (Closes: #513522)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/natty/drupal6
This branch contains Public information 
Everyone can see this information.

Subscribers