Path to this page:
Next | Query returned 1 messages, browsing 1 to 10 | previous
CVS Commit History:
2008-11-03 04:38:14 by Tyler R. Retzlaff | Files touched by this commit (2) | |
Log message:
pullup ticket #2567 - requested by adrianp
drupal: update package for security fixes
revisions pulled up:
pkgsrc/www/drupal/Makefile 1.33, 1.34
pkgsrc/www/drupal/distinfo 1.24, 1.25
Module Name: pkgsrc
Committed By: adrianp
Date: Sun Oct 12 00:32:31 UTC 2008
Modified Files:
pkgsrc/www/drupal: Makefile distinfo
Log message:
This release fixes security vulnerabilities. Sites are urged to upgrade
+immediately after reading the security announcement:
* SA-2008-060 - Drupal core - Multiple vulnerabilities
In addition to this security vulnerability, the following bugs have been fixed
+in the 5.11 release:
* - Patch 265899 by mfb: uri_brief mail token did not support https URLs.
* - Patch 170310 by mfb, JohnAlbin: avoid SSL cookie getting over-written by
+non-SSL cookie.
* 296096 by Damien Tournoud. Fix 5.10 Postgres install & update.
* - Patch 246143 by bjaspan, Damien Tournoud: make sure updates are run in
+numeric order, not in definition order.
* 181831 by Rob Loach. Backport of #130630 by chx: provide an id on the form
+item wrapper div.
* 283026 by Damien Tournoud. Make user_authenticate from external source (for
+existing users) work with no server part.
* 298535 by mkalkbrenner. Correct HTTP status code for failed connection.
* 108717 by add1sun and neclimdul. Code style.
* - Patch 230932 by ryanlath: file_scan_directory() didn't scan the directory
+called '0'. Backport by cridenour.
* follow up to 280621 by lilou: the object tag was disallowed in a previous
+version in filter_xss_admin(), so disallow param as well, which is only
+meaningful inside an object tag
* 208270 reported by Dries, patch by jvandyk: it was not possible to clear the
+XML-RPC error cache, making it impossible to do multiple queries in one
+request. Add xmlrpc_clear_error() and slightly modify xmlrpc_error() to fix.
* - Patch 308549 by lyrincz, Dave Reid: fixed broken link in PHPdoc.
* 67895 patch by goba, tested by JirkaRybka and blackdog: move poll votes with
+poll options, when an option is removed, instead of dropping all old votes,
+solving an old data loss bug. Backport by dww.
* 312730 by Damien Tournoud. hook_requirements('install') should work for
+modules that don't reside in the main './modules' folder.
------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: adrianp
Date: Thu Oct 23 21:33:21 UTC 2008
Modified Files:
pkgsrc/www/drupal: Makefile distinfo
Log message:
Update to 5.12
The twelfth maintenance and security release of the Drupal 5 series. Only
fixes for security vulnerabilities and other bugs have been committed. New
features are only being added to the forthcoming Drupal 7.0 release.
This release fixes security vulnerabilities. Sites are urged to upgrade
immediately after reading the security announcement:
* SA-2008-067 - Drupal core - Multiple vulnerabilities
|
Next | Query returned 1 messages, browsing 1 to 10 | previous