Debian Bug report logs -
#671402
drupal7: CVE-2012-1588 CVE-2012-1589 CVE-2012-1590 CVE-2012-1591
Reported by: Moritz Muehlenhoff <jmm@debian.org>
Date: Thu, 3 May 2012 20:27:01 UTC
Severity: grave
Tags: security
Fixed in version drupal7/7.14-1
Done: Luigi Gangitano <luigi@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Luigi Gangitano <luigi@debian.org>:
Bug#671402; Package drupal7.
(Thu, 03 May 2012 20:27:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Luigi Gangitano <luigi@debian.org>.
(Thu, 03 May 2012 20:27:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: drupal7
Severity: grave
Tags: security
http://drupal.org/node/1557938
Cheers,
Moritz
Reply sent
to Luigi Gangitano <luigi@debian.org>:
You have taken responsibility.
(Thu, 10 May 2012 19:21:11 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer.
(Thu, 10 May 2012 19:21:11 GMT) (full text, mbox, link).
Message #10 received at 671402-close@bugs.debian.org (full text, mbox, reply):
Source: drupal7
Source-Version: 7.14-1
We believe that the bug you reported is fixed in the latest version of
drupal7, which is due to be installed in the Debian FTP archive:
drupal7_7.14-1.debian.tar.gz
to main/d/drupal7/drupal7_7.14-1.debian.tar.gz
drupal7_7.14-1.dsc
to main/d/drupal7/drupal7_7.14-1.dsc
drupal7_7.14-1_all.deb
to main/d/drupal7/drupal7_7.14-1_all.deb
drupal7_7.14.orig.tar.gz
to main/d/drupal7/drupal7_7.14.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 671402@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Luigi Gangitano <luigi@debian.org> (supplier of updated drupal7 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 10 May 2012 20:21:41 +0200
Source: drupal7
Binary: drupal7
Architecture: source all
Version: 7.14-1
Distribution: unstable
Urgency: high
Maintainer: Luigi Gangitano <luigi@debian.org>
Changed-By: Luigi Gangitano <luigi@debian.org>
Description:
drupal7 - fully-featured content management framework
Closes: 670415 671402
Changes:
drupal7 (7.14-1) unstable; urgency=high
.
[ Luigi Gangitano ]
* Urgency high due to security fixes
.
* New upstream release
- Fixes DoS, Unvalidated Form Redirect, Multiple Vulnerabilities
(Ref: SA-CORE-2012-002, CVE-2012-1588,CVE-2012-1589, CVE-2012-1590,i
CVE-2012-1591) (Closes: #671402)
- Fixes errors in install.php (Closes: #670415)
.
* debian/control
- Bumped Standard-Version to 3.9.3.0, no change needed
Checksums-Sha1:
f82532f7ff92cb3dff8b0cf8c64801e2aa547c0e 1178 drupal7_7.14-1.dsc
ab33bea454fed20c535e37a71cea6004599488c3 3128473 drupal7_7.14.orig.tar.gz
140ab31df5c27ea904361c6400f1bd88b58f6c94 189612 drupal7_7.14-1.debian.tar.gz
5ad238eeda3e7da2eadddf0ee28837ce9917b723 3175738 drupal7_7.14-1_all.deb
Checksums-Sha256:
c5d14056b5d4ca5b2ada213ff8edf8b8d89145c36925e8e76d51b062f8892fc6 1178 drupal7_7.14-1.dsc
17db094aaa78d76ec6a3517171f1d8c158745eee2e19006d5ed97b7ffc2c54da 3128473 drupal7_7.14.orig.tar.gz
eda6573314c13622dc96a79437325700a481883e1bf273a5d314567de8cc674d 189612 drupal7_7.14-1.debian.tar.gz
a0c55980b225824b11cabe06fbf60ff69ae9a458e7ce8878953a3b76b9f38e18 3175738 drupal7_7.14-1_all.deb
Files:
720814585a520531b05c835e1583c670 1178 web extra drupal7_7.14-1.dsc
af7abd95c03ecad4e1567ed94a438334 3128473 web extra drupal7_7.14.orig.tar.gz
9276f1467e9691134ad8c8704bc21db4 189612 web extra drupal7_7.14-1.debian.tar.gz
50f35a9ed5518c8939933cd401130004 3175738 web extra drupal7_7.14-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (Darwin)
iEYEARECAAYFAk+sET4ACgkQ8ZumGJJMDCYMFgCggWa/WJovRaZ/zHRt+31z8ywL
y3gAn3tdMWrGTCBCuteW616P/pjzBUxg
=qp6j
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Mon, 11 Jun 2012 07:33:16 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 13:38:06 2019;
Machine Name:
beach
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon