Moritz Muehlenhoff wrote:
> Package: drupal
> Severity: grave
> Tags: security
> Justification: user security hole
>
> [I'm pretty sure you are already aware of it; but here it is anyway]
>
> Another XMLRPC vulnerability has been detected that affects Drupal
> as well. Please see http://www.hardened-php.net/advisory_142005.66.html
> for information about the issue in general.
>
> The new upstream release 4.5.4 resolves this issue.
drupal's transition into testing doesn't take place, because the changelog
of the fixed package didn't contain bug closers and the two RC security bugs
prevent migration.
So, please, either close them manually or with the next upload.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
