[development] Fwd: [SECURITY] [DSA 1125-1] New drupal packages fix execution of arbitrary web script code

Adrian Rossouw adrian at bryght.com
Thu Jul 27 11:09:29 UTC 2006

On 27 Jul 2006, at 11:36 AM, Dries Buytaert wrote:

> The .install files, the update script and the installer could take  
> some burden of the package maintainers (but might need a command  
> line extension so they can be hooked into their tools).
nothing is stopping you from running drupal on the command line.

All you need to do is set some environment variables before you  

We need meta-data and dependency information before we can do that  
Now that we have modules in their own directories, that entire  
process can start up again.

We also need to tackle individual module versioning. Each and every  
time a drupal.org module
distribution package gets updated with any change whatsoever, a new  
version needs to be created.

Adrian Rossouw
Drupal developer and Bryght Guy
http://drupal.org | http://bryght.com

More information about the development mailing list