Debian Package Tracker

From: Gunnar Wolf <gwolf@debian.org>
To: <>
Subject: Accepted drupal7 7.52-2+deb9u2 (source all) into stable->embargoed, stable
Date: Sat, 24 Feb 2018 11:47:24 +0000
Signed by: Gunnar Eyal Wolf Iszaevich <gwolf@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 22 Jun 2017 11:56:08 -0500
Source: drupal7
Binary: drupal7
Architecture: source all
Version: 7.52-2+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Gunnar Wolf <gwolf@debian.org>
Changed-By: Gunnar Wolf <gwolf@debian.org>
Description:
 drupal7    - fully-featured content management framework
Closes: 891150 891152 891153 891154
Changes:
 drupal7 (7.52-2+deb9u2) stretch-security; urgency=high
 .
   * Added missing DEP5 header to SA-CORE-2017-003 patch
   * Uncruft: Remove an unused .dpatch file still from the drupal6 era(!)
   * Fixes multiple security vulnerabilities, grouped under Drupal's
     SA-CORE-2018-001 (CVEs yet unassigned):
     - External link injection on 404 pages when linking to the current
       page (Closes: #891154)
     - jQuery vulnerability with untrusted domains (Closes: #891153)
     - Private file access bypass (Closes: #891152)
     - JavaScript cross-site scripting prevention is incomplete (Closes:
       #891150)
Checksums-Sha1:
 225c3982bfbd02b3db5459c311743639d93e6603 1904 drupal7_7.52-2+deb9u2.dsc
 24a69c198db2358aa28e24e4ff32aafcd1f2ef38 192124 drupal7_7.52-2+deb9u2.debian.tar.xz
 c4fcd864d0f3d50b11bc9c6fed046234226be95f 2517480 drupal7_7.52-2+deb9u2_all.deb
 83a9790be1b87c47310704d9e1c202d72c4b4340 8574 drupal7_7.52-2+deb9u2_amd64.buildinfo
Checksums-Sha256:
 87509fea6f62f7c2aeda059b6086eaccb9f0282289746befb18a9be98847dc88 1904 drupal7_7.52-2+deb9u2.dsc
 ee93b46c165829788e062ca3a03f9bcd4782fbebb84bad834480dfb6256d4004 192124 drupal7_7.52-2+deb9u2.debian.tar.xz
 1db16f45bfcb17191bb2b18712bb97e736e809c6d49bcb7d387bb38f3b380d01 2517480 drupal7_7.52-2+deb9u2_all.deb
 0fa8447251ca25b58ee89cdf41363ac33b4ee5318d40429ce6f9afb0ced289aa 8574 drupal7_7.52-2+deb9u2_amd64.buildinfo
Files:
 23cafd996c10e83910ba27c93eed1dbd 1904 web extra drupal7_7.52-2+deb9u2.dsc
 82739f130e15ab1cf982800a7d9c27d6 192124 web extra drupal7_7.52-2+deb9u2.debian.tar.xz
 6c37f015793d430f388e56c6926e329b 2517480 web extra drupal7_7.52-2+deb9u2_all.deb
 686099084ea2eeeca6cca0da3ac3e0c0 8574 web extra drupal7_7.52-2+deb9u2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEq0HBxor9ZoygRev4ZzoD5MHbkh8FAlqQeAUACgkQZzoD5MHb
kh+vDg/+O19En/vanthhp4qmbtvWUsJ0o6slD+aF3o9ln24Pon72Z15a7wbmj7+m
Dz44qHPk034/sbDOQAuDYDUP5fL0V7JYh7rF6JL8w+FA4o62SIgMLYaeWFTS+S6+
F0J0Qa+9Xb+Bd6OBY3LiDtME4kVW1VD3se7IqYQ1qQrKNWedABzDHn7Un1p7DfYB
f2vIqLcsSPMagHj0judOfumoUsBrDLMU3S+/aGL2HjCIYV7ilFSIRlwLtItDOB03
sLOAUNue6X1BCmCLZxmIYw1f3IfiT3oqXpmwoCJ6UMHgh2Fg5LbTlLaBhkL5/4f7
pdvgdorRQTZSOSHnmLKIhmZEeLbR3LPaU6LaXpHF99gHoinQCfDOjuSPqeVTsVZc
NTTeGOh0NVRyBNKd6CXhkfK9ntSFh4xQXhhD9f/Ibmh/Co3CeILT6F0LklpkNfxE
kdmq0PgHe/rXc4R3NyfpzXJ9QZX6jmNQaNo3RQcVn1uY3V9V64CJaJUURCKfOS3t
LoB5Xo2tQCKXzW4GQ7kbAXG/9tX78+vGZBNnGLXgYBgyFeUFfzxZTy1XxqL5zoga
Q2E6YeZJZOJmdUDrKw9dI3/nuZ0ZW8vJgbUhVQlu3bqtEHu6wmhlLjfNMSEQW7SG
AT+SWTGGIpvAj7TCY1hr+ki0Li/ZGyM5KH9Pq4SG/TvwrS8Hn8s=
=gHlf
-----END PGP SIGNATURE-----
News for package drupal7
