Diff attached for Hardy ** Description changed:
Binary package hint: drupal5 Drupal 5.20 has been released to fix a critical security vulnerability, as well as other, smaller issues. No new functionality has been included. Full details about the security issue addressed by this bugfix are available at http://drupal.org/node/579482 . The release announcement can be found at http://drupal.org/drupal-6.14 . Drupal 5.19 is not yet available upstream for merging. The vulnerability is: * Attacker can fix and reuse a victim's session ID. + + New upstream (non-Debian) source: + ftp://ftp.osuosl.org/pub/drupal/files/projects/drupal-5.20.tar.gz ** Attachment added: "Drupal5-5.20 for Hardy" http://launchpadlibrarian.net/32009990/drupal5_5.20-0ubuntu1.diff.gz -- Drupal 5.20 released to fix critical security vulnerability https://bugs.launchpad.net/bugs/431080 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs