Bug#495122: marked as done (drupal5: Drupal Core - Multiple vulnerabilities - SA-2008-047)

Debian Bug Tracking System Thu, 14 Aug 2008 17:21:49 -0700

Your message dated Fri, 15 Aug 2008 00:02:05 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#495122: fixed in drupal5 5.10-1
has caused the Debian Bug report #495122,
regarding drupal5: Drupal Core - Multiple vulnerabilities - SA-2008-047
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)


-- 
495122: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495122
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems

--- Begin Message ---

Package: drupal5
Version: 5.9-1
Severity: grave
Tags: security
Justification: user security hole


Drupal 5.9 suffers from several vulnerabilities (XSS). See
http://drupal.org/node/295053 for more details. Please upload Drupal 5.10
soon. Thx!

Regards, 
Ingo

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-6-xen-amd64
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages drupal5 depends on:
ii  apache2                   2.2.3-4+etch5  Next generation, scalable, extenda
ii  apache2-mpm-prefork [http 2.2.3-4+etch5  Traditional model for Apache HTTPD
ii  curl                      7.15.5-1etch1  Get a file from an HTTP, HTTPS, FT
ii  dbconfig-common           1.8.29+etch1   common framework for packaging dat
ii  debconf                   1.5.11etch2    Debian configuration management sy
ii  exim4-daemon-heavy [mail- 4.63-17        exim MTA (v4) daemon with extended
ii  mysql-client              5.0.32-7etch6  mysql database client (meta packag
ii  mysql-client-5.0 [mysql-c 5.0.32-7etch6  mysql database client binaries
ii  php5                      5.2.0-8+etch11 server-side, HTML-embedded scripti
ii  php5-gd                   5.2.0-8+etch11 GD module for php5
ii  php5-mysql                5.2.0-8+etch11 MySQL module for php5
ii  php5-pgsql                5.2.0-8+etch11 PostgreSQL module for php5
ii  wwwconfig-common          0.0.48         Debian web auto configuration

Versions of packages drupal5 recommends:
pn  mysql-server | postgresql     <none>     (no description available)

-- debconf information excluded

--- End Message ---

--- Begin Message ---

Source: drupal5
Source-Version: 5.10-1

We believe that the bug you reported is fixed in the latest version of
drupal5, which is due to be installed in the Debian FTP archive:

drupal5_5.10-1.diff.gz
  to pool/main/d/drupal5/drupal5_5.10-1.diff.gz
drupal5_5.10-1.dsc
  to pool/main/d/drupal5/drupal5_5.10-1.dsc
drupal5_5.10-1_all.deb
  to pool/main/d/drupal5/drupal5_5.10-1_all.deb
drupal5_5.10.orig.tar.gz
  to pool/main/d/drupal5/drupal5_5.10.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Luigi Gangitano <[EMAIL PROTECTED]> (supplier of updated drupal5 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 15 Aug 2008 01:35:50 +0200
Source: drupal5
Binary: drupal5
Architecture: source all
Version: 5.10-1
Distribution: unstable
Urgency: low
Maintainer: Luigi Gangitano <[EMAIL PROTECTED]>
Changed-By: Luigi Gangitano <[EMAIL PROTECTED]>
Description: 
 drupal5    - a fully-featured content management framework
Closes: 495122
Changes: 
 drupal5 (5.10-1) unstable; urgency=low
 .
   [ Luigi Gangitano ]
   * Urgency high due to security fixes
 .
   * New upstream release
     - Fixes several XSS vulnerabilities
       (Ref: SA-2008-047, CVE-TBD) (Closes: #495122)
Checksums-Sha1: 
 26a5b5cbc9f64f849996375e41a80afa77f522b0 1074 drupal5_5.10-1.dsc
 0c722d75608e25039ffee448a450721aba1de64a 762496 drupal5_5.10.orig.tar.gz
 e505aaee3aff8d97f2b27c0fb65ca9dd9f8e0920 25531 drupal5_5.10-1.diff.gz
 aea28e31a112f00b0464f0718ec31c85b1ab62d1 781318 drupal5_5.10-1_all.deb
Checksums-Sha256: 
 5f18fffbca0106c642c94379332bf4ef48143061e7b9f9836147359c7471a10c 1074 
drupal5_5.10-1.dsc
 71e44df9cbbc58a4f116b089c82ca8f03cbd2933e4072dca9ca0b0ac3dfc0757 762496 
drupal5_5.10.orig.tar.gz
 127859fa157e642e56d2cc3ba60b37f7cd3e572d89a233dfee851aee3b0246ea 25531 
drupal5_5.10-1.diff.gz
 dd71cba4302f405c36a3fa1fc3b0b1ea40b2d723b307a099020ca12ef1650e71 781318 
drupal5_5.10-1_all.deb
Files: 
 e714e0f7ff0dea51f47919ad4d36d5eb 1074 web extra drupal5_5.10-1.dsc
 819a914e97de48d2b2a8ab6955d01215 762496 web extra drupal5_5.10.orig.tar.gz
 7cda13edefce8b91d9668da176e0c788 25531 web extra drupal5_5.10-1.diff.gz
 3fbe850c80f5dd94e2112a13e21fcb6a 781318 web extra drupal5_5.10-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)

iD8DBQFIpMP18ZumGJJMDCYRAr3HAJ0abhA9XUhnHKeWHG3o1W3svkJh2ACgg+Gn
pfJpi0tRcF7/DbXoIF7ekn4=
=xhKw
-----END PGP SIGNATURE-----

--- End Message ---

Bug#495122: marked as done (drupal5: Drupal Core - Multiple vulnerabilities - SA-2008-047)

Reply via email to