Debian Package Tracker

From: Mike Gabriel <sunweaver@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted drupal6 6.28-1 (source all)
Date: Fri, 11 Oct 2013 21:17:40 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 04 Oct 2013 14:20:50 +0200
Source: drupal6
Binary: drupal6
Architecture: source all
Version: 6.28-1
Distribution: oldstable-security
Urgency: high
Maintainer: Luigi Gangitano <luigi@debian.org>
Changed-By: Mike Gabriel <sunweaver@debian.org>
Description: 
 drupal6    - fully-featured content management framework
Changes: 
 drupal6 (6.28-1) oldstable-security; urgency=high
 .
   [ Mike Gabriel ]
   * Urgency high due to security fixes.
   * /debian/control: Add myself to Uploaders: field.
 .
   * New upstream release.
   * Fixes for versions that were uploaded to Debian unstable, but did not reach
     squeeze (see earlier changelog entries since 6.18-1squeeze1):
     - Fixes Access bypass, Cross Site Request Forgery, Multiple vulnerabilities
       (Ref: SA-CORE-2012-001, CVE-2012-0825, CVE-2012-0826, CVE-2012-0827).
   * Issues that get fixed by this upload:
     - Access bypass (User module search): CVE-2012-5651.
     - Access bypass (Upload module): CVE-2012-5652.
     - Arbitrary PHP code execution (File upload modules): CVE-2012-5653.
     - Cross-site scripting (Various core and contributed modules):
       CVE-2013-0244.
     - Access bypass (Book module printer friendly version): CVE-2013-0245.
     - Access bypass (Image module): CVE-2013-0246.
   * Base packaging logic on 6.26-1~bpo60. Compared to last version squeeze
     this includes a switch to debhelper and quilt.
Checksums-Sha1: 
 aa5831de7cfe30673758af98a3f92d74e1654149 1831 drupal6_6.28-1.dsc
 305860ef83b616338a143080fc196f4f5dc350b1 1105942 drupal6_6.28.orig.tar.gz
 1051cf5f15bab708cf52441c3acb319a931b559c 20741 drupal6_6.28-1.debian.tar.gz
 06be64af98d7c41c33420894d768d796b0a7b1bf 1127248 drupal6_6.28-1_all.deb
Checksums-Sha256: 
 e81bc2de67769e704bb0e54ee5f479b3dfa3faa53e18ac1af3e8318433e469e7 1831 drupal6_6.28-1.dsc
 0f92b1863860535877d3a4547dd1481d0fbc76959cc7042d6c4b2b81209a987f 1105942 drupal6_6.28.orig.tar.gz
 84286cab59bcd3d450aa4a3c1fcde7794203fff14c430047fdcd4b3679edc4c0 20741 drupal6_6.28-1.debian.tar.gz
 a0af58b4db03f09250f40d51997389c6f2b8c0b4790eee26ec4fa556410d544d 1127248 drupal6_6.28-1_all.deb
Files: 
 7da017a4c5bffe928638e254dbd9b76e 1831 web extra drupal6_6.28-1.dsc
 9725ee7fddf9fcc2b70e782bfa6e84f4 1105942 web extra drupal6_6.28.orig.tar.gz
 03e1f499f3ec284ddf87a52b88911e89 20741 web extra drupal6_6.28-1.debian.tar.gz
 c32ce85c8a588fb3708cbf7c2ad3c232 1127248 web extra drupal6_6.28-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJSVC0PAAoJEJr0azAldxsxOOsQAJNrZB6/xH3nsNq7Ihs3WSzr
EQgJ7awmgpkC5dscYbJHZXYWc0ht8xjzlqTfcKM+Kgl0wI1lN57OWna/qfQuT4NH
Hyw+I/860A66NyRAvQpQmr+sPbFXu4/2pNEhUCNgWfgZjUwzeWSnMDs0s/OBqcXt
YWEkH0piQmnbFP8POVFWTt+w/2ymnl+DvAIlfl2R+Y2L1QthKP7L2eMSe0JgAiwU
Gl15LfVq8wgAl0QwiKcZC8K+RTgWvZw9MToysRHCCsWT8MmQGYCoN6OH2S7UX9os
jhN/fFryDEwsW2izaXRf50KaR1uBOS+HNyy807j7RhQex6iYSLXYAUUBTWsJHyO3
jcBhOuzLCz0+PDLYVu9DZmXWT9/9V+aKNR9/YXa45O+XxU/crLqL60CddFL1OfGp
zeXA48JI0mLIH+S/SJsswciyLiagQrO7NOzN42g0PnNx4ZSWx3W9uiIQ7vK3HTbc
ekgZ7Hsi1njELd21F8glLAwVm1Vdu4V7xloWmo7gzyk5Klf8TAIjpUyDrRxgzQ52
XvzzOawIDpsMlV3DmbRNt2ZPglwjjig/AFzVmS6yo+8eNspWpoh9EMjCAgz8W3ce
oNDHiaia0kF9CAhtHRwzGIuyS2mGbRXqu2NAp1cMyk5xJuff8HmpMrtzQkPi3cc2
Pkq6SeXyzqDLOQxkdbuG
=Wndz
-----END PGP SIGNATURE-----
News for package drupal6
