[Bug 431080] Re: Fix critical security vulnerability (SA-CORE-2009-008)
Launchpad Bug Tracker
431080 at bugs.launchpad.net
Mon Oct 26 13:03:32 GMT 2009
This bug was fixed in the package drupal6 - 6.10-1ubuntu0.1
---------------
drupal6 (6.10-1ubuntu0.1) jaunty-security; urgency=low
* debian/patches/18_SA-CORE-2009-005.dpatch:
- Fix cross site scripting, see SA-CORE-2009-005
- CVE-2009-1576
* debian/patches/19_SA-CORE-2009-006.dpatch:
- Fix cross site scripting, see SA-CORE-2009-006
* debian/patches/20_SA-CORE-2009-007.dpatch:
- Fix possible password leakage via URLs.
- CVE-2009-2372
- CVE-2009-2373
- CVE-2009-2374
* debian/patches/21_SA-CORE-2009-008.dpatch:
- Fix security issues (session fixation),
see SA-CORE-2009-008 (LP: #431080)
-- Artur Rona <ari-tczew at tlen.pl> Sun, 25 Oct 2009 16:19:12 +0100
** Changed in: drupal6 (Ubuntu Jaunty)
Status: New => Fix Released
** Changed in: drupal5 (Ubuntu Jaunty)
Status: New => Fix Released
--
Fix critical security vulnerability (SA-CORE-2009-008)
https://bugs.launchpad.net/bugs/431080
You received this bug notification because you are a member of Ubuntu
Sponsors for universe, which is a direct subscriber.
More information about the Ubuntu-universe-sponsors
mailing list