[development] Fwd: [SECURITY] [DSA 1125-1] New drupal packages fix execution of arbitrary web script code

James Gilliland neclimdul at gmail.com
Thu Jul 27 17:28:15 UTC 2006


Gentoo has a setup for all this(and the latest drupal just as a note).  It
installs to any web application like drupal or phpmyadmin to
/usr/share/webapp/<packagename>/<version>/  then you use the gentoo
webapp-config to update or install it to your webdirectory.   If this where
not the case there would be even more complicated problems associated with
keeping track of vhost installs.  Based on the work I've seen in Gentoo web
applications in a disto are tricky business.  I'm not sure about Debian but
I thought I'd give you some perspective from Gentoo's solution to the
problem.

Even so I think providing an updated package for Ubuntu seems like a good
idea to me.  That's my 2c.

James

On 7/27/06, Sanduhrs <sanduhrs at audiens.de> wrote:
>
> Am Donnerstag, 27. Juli 2006 17:22 schrieb Bèr Kessels:
> > .... this is what sympal scripts aims at. See here for a detailed list
> of
> > what the 1.0 of these scripts should do: http://webschuur.com/node/637(the
> > commandline documentation)
> Access denied :/
>
> >
> > Bèr
>
> --
> GPG/PGP - http://subkeys.pgp.net/
> pub  1024D/E71CDBFE 2006-07-10 Stefan Auditor <sanduhrs at audiens.de>
>          Fingerprint=E9C5 56E8 7A5B 92AD 548A  7B57 2106 BE82 E71C DBFE
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/development/attachments/20060727/8f57299e/attachment.htm


More information about the development mailing list