Your message dated Fri, 12 Jun 2009 07:54:04 +0000
with message-id <[email protected]>
and subject line Bug#529190: fixed in drupal6 6.6-3lenny2
has caused the Debian Bug report #529190,
regarding drupal: cross-site scripting vulnerability
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
529190: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529190
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
package: drupal6
severity: important
tags: security
version: 6.11-1 6.6-3
hi,
a cross-site scripting vulnerability has been discovered in drupal. see
[1].
please coordinate with the security team to prepare fixes for the
stable releases.
thanks.
[1] http://drupal.org/node/461886
--- End Message ---
--- Begin Message ---
Source: drupal6
Source-Version: 6.6-3lenny2
We believe that the bug you reported is fixed in the latest version of
drupal6, which is due to be installed in the Debian FTP archive:
drupal6_6.6-3lenny2.diff.gz
to pool/main/d/drupal6/drupal6_6.6-3lenny2.diff.gz
drupal6_6.6-3lenny2.dsc
to pool/main/d/drupal6/drupal6_6.6-3lenny2.dsc
drupal6_6.6-3lenny2_all.deb
to pool/main/d/drupal6/drupal6_6.6-3lenny2_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Steffen Joeris <[email protected]> (supplier of updated drupal6 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 01 Jun 2009 12:46:29 +0000
Source: drupal6
Binary: drupal6
Architecture: source all
Version: 6.6-3lenny2
Distribution: stable-security
Urgency: high
Maintainer: Luigi Gangitano <[email protected]>
Changed-By: Steffen Joeris <[email protected]>
Description:
drupal6 - a fully-featured content management framework
Closes: 529190 531386
Changes:
drupal6 (6.6-3lenny2) stable-security; urgency=high
.
* Non-maintainer upload by the security team
* Fix cross-site scripting (XSS) issues (Closes: #529190, #531386)
Fixes: SA-CORE-2009-006
Checksums-Sha1:
9731f9cbed6e4009b817f339cc9ad46577fbe8ea 1132 drupal6_6.6-3lenny2.dsc
87a63b02d417850a90706e919ad8bdf3e315206c 21561 drupal6_6.6-3lenny2.diff.gz
615d77e73b5c6a33a1b35f54fcf82009f48a91d0 1088692 drupal6_6.6-3lenny2_all.deb
Checksums-Sha256:
8726c3222adc7804670f2c32d49e0bcb2d023c7c6ecd6df2116f485ed948cc8e 1132
drupal6_6.6-3lenny2.dsc
d664ef7172be818b539a4e6dd0b9aaa6011ebc173cc95af198d0a2844bfdab4b 21561
drupal6_6.6-3lenny2.diff.gz
28d9ea3d1d539f9e546db3cda88af1e7978c6266af76c5371e804ffac2f4d809 1088692
drupal6_6.6-3lenny2_all.deb
Files:
7d8a825a0e670972ab6dd4ee98c341c4 1132 web extra drupal6_6.6-3lenny2.dsc
55998c89be8cde527e192e57b7c439d5 21561 web extra drupal6_6.6-3lenny2.diff.gz
fc0fd6e5d35869f6b8bc692fe7183248 1088692 web extra drupal6_6.6-3lenny2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkoj2KIACgkQ62zWxYk/rQei7wCgmYDenR12Q5a04XlEtxbjfIzH
O7oAn2WxUZiNq1TzeU9b6xoqdFkCkgj1
=g9Gy
-----END PGP SIGNATURE-----
--- End Message ---
