Navigation:
Browse pkgsrc
(this page)
New packages:Log Message:
Pullup ticket #6663 - requested by taca
www/drupal9: security update
Revisions pulled up:
- www/drupal9/Makefile 1.5
- www/drupal9/PLIST 1.3
- www/drupal9/distinfo 1.3
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Sun Jul 31 14:26:59 UTC 2022
Modified Files:
pkgsrc/www/drupal9: Makefile PLIST distinfo
Log Message:
www/drupal9: update to 9.3.20
9.3.20 (2022-07-28)
This is a patch (bugfix) release of Drupal 9 and is ready for use on
production sites. Learn more about Drupal 9.
* Drupal core uses the third-party Diactoros library as its PSR-7
implementation. Diactoros has issued a security advisory:
* CVE-2022-31109: Diactoros before 2.11.1 vulnerable to HTTP Host Header
Attack
Drupal core is unlikely to be vulnerable. This bugfix release updates the
version of Diactoros used in drupal/core-recommended to a secure version as
a precaution.
9.3.19 (2022-07-20)
This is a security release of the Drupal 9 series.
This release fixes security vulnerabilities. Sites are urged to update
immediately after reading the notes below and the security announcement:
* Drupal core - Moderately critical - Information Disclosure -
SA-CORE-2022-012
* Drupal core - Moderately critical - Access Bypass - SA-CORE-2022-013
* Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2022-014
* Drupal core - Moderately critical - Multiple vulnerabilities -
SA-CORE-2022-015
No other changes are included.
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 pkgsrc/www/drupal9/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/drupal9/PLIST pkgsrc/www/drupal9/distinfo
| Revision | Action | file |
| 1.4.2.1 | modify | pkgsrc/www/drupal9/Makefile |
| 1.2.2.1 | modify | pkgsrc/www/drupal9/PLIST |
| 1.2.2.1 | modify | pkgsrc/www/drupal9/distinfo |