Date: Fri, 19 Oct 2007 00:37:32 +0100 From: Nick Hilliard <nick@foobar.org> To: Linh Pham <question@closedsrc.org> Cc: freebsd-security@freebsd.org Subject: Re: www/drupal4 and www/drupal5: Multiple security vulnerabilities Message-ID: <4717EE3C.3050205@foobar.org> In-Reply-To: <20071018204404.GA95280@dalek.internal.closedsrc.org>
index | next in thread | previous in thread | raw e-mail
Linh Pham wrote: > The Drupal project announced several security vulnerabilities for the > 4.7.x and 5.x releases of the Drupal package. These effect two current > ports: www/drupal4 and www/drupal5. > > The following are the security advisories that were posted: > > 4.7.x: > * DRUPAL-SA-2007-024: http://drupal.org/node/184315 > * DRUPAL-SA-2007-026: http://drupal.org/node/184320 > * DRUPAL-SA-2007-030: http://drupal.org/node/184354 > > 5.x: > * DRUPAL-SA-2007-024: http://drupal.org/node/184315 > * DRUPAL-SA-2007-025: http://drupal.org/node/184316 > * DRUPAL-SA-2007-026: http://drupal.org/node/184320 > * DRUPAL-SA-2007-029: http://drupal.org/node/184348 > * DRUPAL-SA-2007-030: http://drupal.org/node/184354 > > While patches are available for 4.7.7 and 5.2, they recommend an update > to the latest version of the respective branches (4.7.8 and 5.3). I emailed security-team@ earlier today with patches for the vuxml database, and will get patches for 4.7.8 and 5.3 in the next day or two. Nickhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4717EE3C.3050205>