-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 18 Jun 2015 09:53:59 -0500 Source: drupal7 Binary: drupal7 Architecture: source all Version: 7.14-2+deb7u10 Distribution: oldstable-security Urgency: high Maintainer: Luigi Gangitano <luigi@debian.org> Changed-By: Gunnar Wolf <gwolf@debian.org> Description: drupal7 - fully-featured content management framework Changes: drupal7 (7.14-2+deb7u10) oldstable-security; urgency=high . * Backported from 7.38: SA-CORE-2015-002 (Multiple vulnerabilities. CVE IDs assigned as follows: + Impersonation (OpenID module - Drupal 6 and 7): CVE-2015-3234 + Open redirect (Field UI module - Drupal 7): CVE-2015-3232 + Open redirect (Overlay module - Drupal 7: CVE-2015-3233 + Information disclosure (Render cache system - Drupal 7): CVE-2015-3231 * Refreshed patches that are applied for the build process, lowering the amount of build-noise generated. Checksums-Sha1: 93bc1f5cd03b1bfa057777d9193c81fef104ce65 1841 drupal7_7.14-2+deb7u10.dsc 59ae71d559bc4d763562b83b216eff63c183f112 193000 drupal7_7.14-2+deb7u10.debian.tar.xz 7ff92260c0acfbd3ea11f927271cf89ab1cdc198 2407406 drupal7_7.14-2+deb7u10_all.deb Checksums-Sha256: f67b236f52471c111454ed210e482f805c2aff0ad58695ead8198700f3cc4f38 1841 drupal7_7.14-2+deb7u10.dsc 5cdd7ecd77cd9fefc3b0abdbc8d2e3028ecad843af6e6f48748c252fc2b3de6d 193000 drupal7_7.14-2+deb7u10.debian.tar.xz 862a18e2871e0fd54a7a73dedee13608e9ab4a63f0ddf42e28c182e593d6d658 2407406 drupal7_7.14-2+deb7u10_all.deb Files: 181cfa670c3d691b48d8a8cf8db34930 1841 web extra drupal7_7.14-2+deb7u10.dsc 61e75d3e0c309e9064ac594949cf82e4 193000 web extra drupal7_7.14-2+deb7u10.debian.tar.xz 97ad1ce6763165e7af72d276e4ce1495 2407406 web extra drupal7_7.14-2+deb7u10_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJVgu3wAAoJEGc6A+TB25IfwVQQAI7MZnVkAn/+tnPm69IhsEr/ RMYUTSfav2Eule+SD5AGX57IlaCL6RsiXAxbbT9y9foh/Nrq+mfuZbvOCOKQH1cw 13OBDt1t7eXc9i76lly9+3j15qv3AVtUlla98+LmFFM0Z9dipVEiLRq1lmK1Wp7E DAekwdq2/pu+WCTh1V4KXIWbgxuUkZDnRWoTeq68hKzm5WQnnanvUmPmwx5ljx3e OqNLY3UxiPutPyBPdef3Rxk6TPiKe+gefqVoYW7dZHM1laFUuN1qSwIC7XFm6tUo VXSURrrS9Ui8PH7ln3WnVt2E56nKDrk+WvZJA0kX4SSBBr0LH/UsmHcg65R9OtW8 0Lp/kxqwPmmsHF3PHpZWsEzzw9N9qmAsfKufg+nxzpdoerDfkQ2hxFZzFrwIRoIN uFsij+r+526iAAQt7pZdKzrscYYD0gIfFwFEC21j+Dry2BHhDMCPw6MApEuww3sJ KHrZxQxMdmyc5+YnF2YTrUXaPrndeC2gqVpFFB47bl9ci2PZlG00QpAzXVhnnIpR Ng0KLveJlTR+sfmlUdK9Ea+adMeCLISHmyxbDBffituWAUQ02PwbhjjEAszROCFo 45FICO/pMBuEzU9LUUjJGtYkk0d02vkMtDY4r5/lZGYY0O1U0uHwS1AYJZVsCDdu oJ2ERDkuHMW9QSwfQ+vo =oux7 -----END PGP SIGNATURE-----