Patrick Schoenfeld wrote: > Tags 508473 + patch > thanks > > Hi, > >> Drupal 6.7 was released today in response to a cross site request >> forgeries. Malicious users may cause the superuser (user 1) to execute >> old updates that may damage the database. This is described in the >> Drupal advisory SA-2008-073 - http://drupal.org/node/345441 > > I'm not sure if a new upstream release is deemed acceptable by the > release team, but in case its not, the stated URL contains a patch, > which only fixes the security issue. The patch is available at the > following URL: > > http://drupal.org/files/sa-2008-073/SA-2008-073-6.6.patch
An upload only including the patch would be appreciated. Cheers Luk -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
