-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Tue, 16 Aug 2005 02:15:26 +0200 Source: drupal Binary: drupal Architecture: source all Version: 4.5.5-1 Distribution: unstable Urgency: high Maintainer: Hilko Bengen <bengen@debian.org> Changed-By: Hilko Bengen <bengen@debian.org> Description: drupal - fully-featured content management/discussion engine Closes: 316903 Changes: drupal (4.5.5-1) unstable; urgency=HIGH . * Justification: Fixes security vulnerability * New upstream version - Fixes the following XMLRPC vulnerability: CAN-2005-2498 / DRUPAL-SA-2005-004: Through the bundled xmlrpc module, an attacker could execute arbitrary PHP code on the target site (see http://drupal.org/files/sa-2005-004/advisory.txt). * cron.sh fix for the case when no sites are configured (Closes: #316903) Files: 27ed51e1f53ff6024bdd23a9e87b3646 609 web extra drupal_4.5.5-1.dsc c09b71288678f73c42317f77de8d2f1d 465874 web extra drupal_4.5.5.orig.tar.gz 165c46da155ec19dc7457017fae4f479 42749 web extra drupal_4.5.5-1.diff.gz f1c6692e296fdeaa0ba125feac88215b 482908 web extra drupal_4.5.5-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDAToMUCgnLz/SlGgRAtflAJ417u+ILQUxTwNw6sJWr+yO1liRAgCgrkux v3/Ts61dYqZIQ3UtmjVNvCg= =ufAw -----END PGP SIGNATURE----- Accepted: drupal_4.5.5-1.diff.gz to pool/main/d/drupal/drupal_4.5.5-1.diff.gz drupal_4.5.5-1.dsc to pool/main/d/drupal/drupal_4.5.5-1.dsc drupal_4.5.5-1_all.deb to pool/main/d/drupal/drupal_4.5.5-1_all.deb drupal_4.5.5.orig.tar.gz to pool/main/d/drupal/drupal_4.5.5.orig.tar.gz -- To UNSUBSCRIBE, email to debian-devel-changes-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
