Bug#495122: marked as done (drupal5: Drupal Core - Multiple vulnerabilities - SA-2008-047)

Debian Bug Tracking System Mon, 18 Aug 2008 05:19:55 -0700

Your message dated Mon, 18 Aug 2008 11:47:03 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#495122: fixed in drupal5 5.9-1.1+lenny1
has caused the Debian Bug report #495122,
regarding drupal5: Drupal Core - Multiple vulnerabilities - SA-2008-047
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)


-- 
495122: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495122
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems

--- Begin Message ---

Package: drupal5
Version: 5.9-1
Severity: grave
Tags: security
Justification: user security hole


Drupal 5.9 suffers from several vulnerabilities (XSS). See
http://drupal.org/node/295053 for more details. Please upload Drupal 5.10
soon. Thx!

Regards, 
Ingo

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-6-xen-amd64
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages drupal5 depends on:
ii  apache2                   2.2.3-4+etch5  Next generation, scalable, extenda
ii  apache2-mpm-prefork [http 2.2.3-4+etch5  Traditional model for Apache HTTPD
ii  curl                      7.15.5-1etch1  Get a file from an HTTP, HTTPS, FT
ii  dbconfig-common           1.8.29+etch1   common framework for packaging dat
ii  debconf                   1.5.11etch2    Debian configuration management sy
ii  exim4-daemon-heavy [mail- 4.63-17        exim MTA (v4) daemon with extended
ii  mysql-client              5.0.32-7etch6  mysql database client (meta packag
ii  mysql-client-5.0 [mysql-c 5.0.32-7etch6  mysql database client binaries
ii  php5                      5.2.0-8+etch11 server-side, HTML-embedded scripti
ii  php5-gd                   5.2.0-8+etch11 GD module for php5
ii  php5-mysql                5.2.0-8+etch11 MySQL module for php5
ii  php5-pgsql                5.2.0-8+etch11 PostgreSQL module for php5
ii  wwwconfig-common          0.0.48         Debian web auto configuration

Versions of packages drupal5 recommends:
pn  mysql-server | postgresql     <none>     (no description available)

-- debconf information excluded

--- End Message ---

--- Begin Message ---

Source: drupal5
Source-Version: 5.9-1.1+lenny1

We believe that the bug you reported is fixed in the latest version of
drupal5, which is due to be installed in the Debian FTP archive:

drupal5_5.9-1.1+lenny1.diff.gz
  to pool/main/d/drupal5/drupal5_5.9-1.1+lenny1.diff.gz
drupal5_5.9-1.1+lenny1.dsc
  to pool/main/d/drupal5/drupal5_5.9-1.1+lenny1.dsc
drupal5_5.9-1.1+lenny1_all.deb
  to pool/main/d/drupal5/drupal5_5.9-1.1+lenny1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Antoine Beaupré <[EMAIL PROTECTED]> (supplier of updated drupal5 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 16 Aug 2008 12:13:23 -0300
Source: drupal5
Binary: drupal5
Architecture: source all
Version: 5.9-1.1+lenny1
Distribution: testing-security
Urgency: high
Maintainer: Luigi Gangitano <[EMAIL PROTECTED]>
Changed-By: Antoine Beaupré <[EMAIL PROTECTED]>
Description: 
 drupal5    - a fully-featured content management framework
Closes: 495122
Changes: 
 drupal5 (5.9-1.1+lenny1) testing-security; urgency=high
 .
   * Non-maintainer upload
   * Urgency high due to security fixes
   * Fixes Multiple vulnerabilities to the Drupal core (Ref: SA-2008-047) 
(Closes: #495122)
Checksums-Sha1: 
 b6849c955187fb92b3fffeb8cd7566d0ce4dd086 1114 drupal5_5.9-1.1+lenny1.dsc
 9f82a7570c936e0f2e4211db2ff0ae1fc84b36df 34588 drupal5_5.9-1.1+lenny1.diff.gz
 f6addc65ecd2a00112a00e38526b473c29103ea4 789690 drupal5_5.9-1.1+lenny1_all.deb
Checksums-Sha256: 
 78c12da2899420865a83b49b3131987fc4644db80d968ccd40c279fb5ead6542 1114 
drupal5_5.9-1.1+lenny1.dsc
 f53aa0ecbfdf188e8b0c7e9a25c44633215e47cc7137993d63b9a35e547e3a5f 34588 
drupal5_5.9-1.1+lenny1.diff.gz
 00eff4966fcaba40bd51287ab0eca729380586f35982714a8cd1eb29e50ffc06 789690 
drupal5_5.9-1.1+lenny1_all.deb
Files: 
 0029a0e00de8b93653e17af05c49b6d0 1114 web extra drupal5_5.9-1.1+lenny1.dsc
 4ea88a7c84cde5eaa1893ee0c2874b57 34588 web extra drupal5_5.9-1.1+lenny1.diff.gz
 eed02f0ff5f04c59d0ff68a3ae1d8cc1 789690 web extra 
drupal5_5.9-1.1+lenny1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkipXiUACgkQHYflSXNkfP+bwQCfeJMU7g6zPiR70PpymGAq3C/u
V68AnRrC/sfTCYXtFz2x540Ixml8hxFW
=XGDA
-----END PGP SIGNATURE-----

--- End Message ---

Bug#495122: marked as done (drupal5: Drupal Core - Multiple vulnerabilities - SA-2008-047)

Reply via email to