[development] Fwd: [SECURITY] [DSA 1125-1] New drupal packages
fix execution of arbitrary web script code
Neil McGovern
neilm at debian.org
Thu Jul 27 08:56:43 UTC 2006
On Wed, Jul 26, 2006 at 09:25:27PM -0400, James Walker wrote:
>
> On 26-Jul-06, at 7:06 PM, Larry Garfield wrote:
>
> >I recommend Debian upgrades its Drupal packages, too. I understand
> >Sarge,
> >but why does Sid include 4.5.x?
> >
>
> AFAIK, there isn't an active Debian maintainer for Drupal... killes?
>
>
That would be me. I also produced the security update.
Further info on plans with regard to drupal can be found at
http://lists.alioth.debian.org/pipermail/pkg-drupal-devel/2006-July/000005.html
Sid should include 4.7.2 shortly, which should propogate to etch in time
for the release, and I intend to remove the 2.5 packages as soon as
possible.
Cheers,
Neil
--
A. Because it breaks the logical sequence of discussion
Q. Why is top posting bad?
gpg key - http://www.halon.org.uk/pubkey.txt ; the.earth.li B345BDD3
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.drupal.org/pipermail/development/attachments/20060727/c6e18408/attachment.pgp
More information about the development
mailing list