Your message dated Tue, 14 Oct 2008 14:17:03 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#501640: fixed in drupal6 6.4-2 has caused the Debian Bug report #501640, regarding [drupal5] SA-2008-060 - Drupal core - Multiple vulnerabilities to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 501640: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501640 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems
--- Begin Message ---Package: drupal5 Severity: grave Tags: security X-Debbugs-CC: [EMAIL PROTECTED] --- Please enter the report below this line. --- Hi! See the Drupal SA-2008-060 for more details: ------------SA-2008-060 - DRUPAL CORE - MULTIPLE VULNERABILITIES------------ * Advisory ID: DRUPAL-SA-2008-060 * Project: Drupal core * Versions: 5.x and 6.x * Date: 2008-October-8 * Security risk: Critical * Exploitable from: Remote * Vulnerability: Multiple vulnerabilities ------------DESCRIPTION------------ Multiple vulnerabilities and weaknesses were discovered in Drupal. Thanks for your continous work on drupal5 and keeping pace with all those security updates in drupal! :-) Regards, Ingo --- System information. --- Architecture: powerpc Kernel: Linux 2.6.26.2 Debian Release: lenny/sid 500 unstable ftp2.de.debian.org --- Package information. --- Depends (Version) | Installed =======================-+-=========== | -- Ciao... // Fon: 0381-2744150 Ingo \X/ http://blog.windfluechter.net gpg pubkey: http://www.juergensmann.de/ij_public_key.asc
--- End Message ---
--- Begin Message ---Source: drupal6 Source-Version: 6.4-2 We believe that the bug you reported is fixed in the latest version of drupal6, which is due to be installed in the Debian FTP archive: drupal6_6.4-2.diff.gz to pool/main/d/drupal6/drupal6_6.4-2.diff.gz drupal6_6.4-2.dsc to pool/main/d/drupal6/drupal6_6.4-2.dsc drupal6_6.4-2_all.deb to pool/main/d/drupal6/drupal6_6.4-2_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Luigi Gangitano <[EMAIL PROTECTED]> (supplier of updated drupal6 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Fri, 14 Oct 2008 15:47:20 +0200 Source: drupal6 Binary: drupal6 Architecture: source all Version: 6.4-2 Distribution: unstable Urgency: high Maintainer: Luigi Gangitano <[EMAIL PROTECTED]> Changed-By: Luigi Gangitano <[EMAIL PROTECTED]> Description: drupal6 - a fully-featured content management framework Closes: 501058 501640 Changes: drupal6 (6.4-2) unstable; urgency=high . [ Luigi Gangitano ] * Urgency high due to security fixes . * debian/patches/11-SA-2008-060 - Added upstream patch fixing several security vulnerabilities (Ref: SA-2008-060, CVE-TBA) (Closes: #501640) . * debian/README.Debian - Added a notice about cookie security and session.cookie_secure configuration (Ref: CVE-2008-3661) (Closes: #501058) Checksums-Sha1: b0f61541c66917e510cf22aa63ad0d3c014bf541 1105 drupal6_6.4-2.dsc 9a1269e6ce8d7c0545349becfe623b42a2227beb 18137 drupal6_6.4-2.diff.gz 3852d598200d85ff398c6b66fd1b7024d2a67c18 1098462 drupal6_6.4-2_all.deb Checksums-Sha256: cf61ec038cadfa0b5b679f93ef6b1221c0f7d4c449d5e724ad36deaeb42c0731 1105 drupal6_6.4-2.dsc 57e3c283ee591be1a0df5b984655be9ca147f21234ae42e3098c8c0d74e7dada 18137 drupal6_6.4-2.diff.gz d6e7633c4aa4afd2d4bb372773aca3ce2d118b8a833815d2ee47bb2feb54e43e 1098462 drupal6_6.4-2_all.deb Files: b6f68594c39ff4a6cdbec0c5681eaefe 1105 web extra drupal6_6.4-2.dsc 0cb862158b0b8545b69ff86d3d12cb80 18137 web extra drupal6_6.4-2.diff.gz 2540c879cc20644ee3894bc8416602fb 1098462 web extra drupal6_6.4-2_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Darwin) iEYEARECAAYFAkj0pwgACgkQ8ZumGJJMDCb95wCfcCuewupKVZGoyxqtXve4jWB9 4g8An1vBWAKa7LF08a6TiONvb6ubXUBg =fbTQ -----END PGP SIGNATURE-----
--- End Message ---
