Format: 1.8
Date: Wed, 23 Nov 2013 11:37:27 -0600
Source: drupal7
Binary: drupal7
Architecture: source all
Version: 7.14-2+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Luigi Gangitano <luigi@debian.org>
Changed-By: Gunnar Wolf <gwolf@debian.org>
Description:
 drupal7 - fully-featured content management framework
Changes:
 drupal7 (7.14-2+deb7u1) wheezy-security; urgency=high
 .
   * Backported fixes from version 7.24 addressing several security
     vulnerabilities (SA-CORE-2013-003), including:
     * Multiple vulnerabilities due to optimistic cross-site request forgery
       protection (Form API validation) (CVE-2013-6385)
     * Multiple vulnerabilities due to weakness in pseudorandom number
       generation using mt_rand() (Form API, OpenID and random password
       generation - Drupal 6 and 7) (CVE-2013-6386)
     * Code execution prevention (Files directory .htaccess for Apache -
       (security hardening)
     * Access bypass (Security token validation) Treating as security
       hardening
     * Cross-site scripting (Image module) (CVE-2013-6387).
     * Cross-site scripting (Color module) (CVE-2013-6388).
     * Open redirect (Overlay module) (CVE-2013-6389).