> The new upstream release 4.5.4 resolves this issue.
If the bugs are fixed in the current version then they should be closed
*now*, not waiting until the next upload.
Version 4.5.5 (and 4.6.3) does not have an XML-RPC security hole to our
best knowledge.
Karoly Negyesi
Drupal security tea
On Tue, Aug 30, 2005 at 01:44:33PM +0200, Moritz Muehlenhoff wrote:
> Moritz Muehlenhoff wrote:
> > Package: drupal
> > Severity: grave
> > Tags: security
> > Justification: user security hole
> > [I'm pretty sure you are already aware of it; but here it is anyway]
> > Another XMLRPC vulnerabilit
Moritz Muehlenhoff wrote:
> Package: drupal
> Severity: grave
> Tags: security
> Justification: user security hole
>
> [I'm pretty sure you are already aware of it; but here it is anyway]
>
> Another XMLRPC vulnerability has been detected that affects Drupal
> as well. Please see http://www.harde
Package: drupal
Severity: grave
Tags: security
Justification: user security hole
[I'm pretty sure you are already aware of it; but here it is anyway]
Another XMLRPC vulnerability has been detected that affects Drupal
as well. Please see http://www.hardened-php.net/advisory_142005.66.html
for info
4 matches
Mail list logo
