pkgsrc.se | The NetBSD package collection

./www/drupal9, Open source content management system

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2022Q2, Version: 9.3.20, Package name: php74-drupal-9.3.20, Maintainer: pkgsrc-users

Drupal is a free web Content Management System (CMS) that allows an
individual or a community of users to easily publish, manage and organize
a wide variety of content on a website.

Drupal is ready to go from the moment you download it. It even has an
easy-to-use web installer! The built-in functionality, combined with dozens
of freely available add-on modules, will enable features such as: Content
Management Systems, Blogs, Collaborative authoring environments, Forums,
Peer-to-peer networking, Newsletters, Podcasting, Picture galleries, File
uploads/downloads and much more.

Package options: apache, mysql

Master sites:

http://ftp.drupal.org/files/projects/ (Download)

Filesize: 20469.839 KB

Version history: (Expand)

(2022-08-27) Updated to version: php74-drupal-9.3.20
(2022-06-30) Package added to pkgsrc.se, version php74-drupal-9.3.14 (created)

CVS history: (Expand)

2022-08-27 18:42:12 by S.P.Zeidler | Files touched by this commit (3) | Package updated

Log message:
Pullup ticket #6663 - requested by taca
www/drupal9: security update

Revisions pulled up:
- www/drupal9/Makefile                                          1.5
- www/drupal9/PLIST                                             1.3
- www/drupal9/distinfo                                          1.3

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Sun Jul 31 14:26:59 UTC 2022

   Modified Files:
   	pkgsrc/www/drupal9: Makefile PLIST distinfo

   Log message:
   www/drupal9: update to 9.3.20

   9.3.20 (2022-07-28)

   This is a patch (bugfix) release of Drupal 9 and is ready for use on
   production sites.  Learn more about Drupal 9.

   * Drupal core uses the third-party Diactoros library as its PSR-7
     implementation. Diactoros has issued a security advisory:

   * CVE-2022-31109: Diactoros before 2.11.1 vulnerable to HTTP Host Header
     Attack

   Drupal core is unlikely to be vulnerable.  This bugfix release updates the
   version of Diactoros used in drupal/core-recommended to a secure version as
   a precaution.

   9.3.19 (2022-07-20)

   This is a security release of the Drupal 9 series.

   This release fixes security vulnerabilities.  Sites are urged to update
   immediately after reading the notes below and the security announcement:

   * Drupal core - Moderately critical - Information Disclosure -
     SA-CORE-2022-012

   * Drupal core - Moderately critical - Access Bypass - SA-CORE-2022-013

   * Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2022-014

   * Drupal core - Moderately critical - Multiple vulnerabilities -
     SA-CORE-2022-015

   No other changes are included.

   To generate a diff of this commit:
   cvs rdiff -u -r1.4 -r1.5 pkgsrc/www/drupal9/Makefile
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/drupal9/PLIST pkgsrc/www/drupal9/distinfo