[Bug 431080] Re: Drupal 5.20 released to fix critical security vulnerability
Artur Rona
ari-tczew at tlen.pl
Wed Oct 7 02:37:07 UTC 2009
** Also affects: drupal6 (Ubuntu)
Importance: Undecided
Status: New
** Summary changed:
- Drupal 5.20 released to fix critical security vulnerability
+ Fix critical security vulnerability (SA-CORE-2009-008)
** Changed in: drupal6 (Ubuntu Karmic)
Status: New => In Progress
** Changed in: drupal6 (Ubuntu Karmic)
Assignee: (unassigned) => Artur Rona (ari-tczew)
** Changed in: drupal6 (Ubuntu Jaunty)
Status: New => In Progress
** Changed in: drupal6 (Ubuntu Jaunty)
Assignee: (unassigned) => Artur Rona (ari-tczew)
** Description changed:
Binary package hint: drupal5
- Drupal 5.20 has been released to fix a critical security vulnerability,
- as well as other, smaller issues. No new functionality has been
- included. Full details about the security issue addressed by this bugfix
- are available at http://drupal.org/node/579482 . The release
- announcement can be found at http://drupal.org/drupal-6.14 .
-
- Drupal 5.19 is not yet available upstream for merging.
+ Full details about the security issue addressed by this bugfix are
+ available at http://drupal.org/node/579482 . The release announcement
+ can be found at http://drupal.org/drupal-6.14 .
The vulnerability is:
* Attacker can fix and reuse a victim's session ID.
-
- New upstream (non-Debian) source:
- ftp://ftp.osuosl.org/pub/drupal/files/projects/drupal-5.20.tar.gz
--
Fix critical security vulnerability (SA-CORE-2009-008)
https://bugs.launchpad.net/bugs/431080
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list