pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/www/drupal This release fixes security vulnerabilities...
details: https://anonhg.NetBSD.org/pkgsrc/rev/a2888fce77dc
branches: trunk
changeset: 548213:a2888fce77dc
user: adrianp <adrianp%pkgsrc.org@localhost>
date: Sun Oct 12 00:32:31 2008 +0000
description:
This release fixes security vulnerabilities. Sites are urged to upgrade immediately after reading the security announcement:
* SA-2008-060 - Drupal core - Multiple vulnerabilities
In addition to this security vulnerability, the following bugs have been fixed in the 5.11 release:
* - Patch 265899 by mfb: uri_brief mail token did not support https URLs.
* - Patch 170310 by mfb, JohnAlbin: avoid SSL cookie getting over-written by non-SSL cookie.
* 296096 by Damien Tournoud. Fix 5.10 Postgres install & update.
* - Patch 246143 by bjaspan, Damien Tournoud: make sure updates are run in numeric order, not in definition order.
* 181831 by Rob Loach. Backport of #130630 by chx: provide an id on the form item wrapper div.
* 283026 by Damien Tournoud. Make user_authenticate from external source (for existing users) work with no server part.
* 298535 by mkalkbrenner. Correct HTTP status code for failed connection.
* 108717 by add1sun and neclimdul. Code style.
* - Patch 230932 by ryanlath: file_scan_directory() didn't scan the directory called '0'. Backport by cridenour.
* follow up to 280621 by lilou: the object tag was disallowed in a previous version in filter_xss_admin(), so disallow param as well, which is only meaningful inside an object tag
* 208270 reported by Dries, patch by jvandyk: it was not possible to clear the XML-RPC error cache, making it impossible to do multiple queries in one request. Add xmlrpc_clear_error() and slightly
modify xmlrpc_error() to fix.
* - Patch 308549 by lyrincz, Dave Reid: fixed broken link in PHPdoc.
* 67895 patch by goba, tested by JirkaRybka and blackdog: move poll votes with poll options, when an option is removed, instead of dropping all old votes, solving an old data loss bug. Backport by
dww.
* 312730 by Damien Tournoud. hook_requirements('install') should work for modules that don't reside in the main './modules' folder.
diffstat:
www/drupal/Makefile | 4 ++--
www/drupal/distinfo | 8 ++++----
2 files changed, 6 insertions(+), 6 deletions(-)
diffs (25 lines):
diff -r 21e1be047fd3 -r a2888fce77dc www/drupal/Makefile
--- a/www/drupal/Makefile Sat Oct 11 22:34:48 2008 +0000
+++ b/www/drupal/Makefile Sun Oct 12 00:32:31 2008 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.32 2008/08/15 15:54:08 taca Exp $
+# $NetBSD: Makefile,v 1.33 2008/10/12 00:32:31 adrianp Exp $
-DISTNAME= drupal-5.10
+DISTNAME= drupal-5.11
CATEGORIES= www
MASTER_SITES= http://drupal.org/files/projects/
diff -r 21e1be047fd3 -r a2888fce77dc www/drupal/distinfo
--- a/www/drupal/distinfo Sat Oct 11 22:34:48 2008 +0000
+++ b/www/drupal/distinfo Sun Oct 12 00:32:31 2008 +0000
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.23 2008/08/15 15:54:08 taca Exp $
+$NetBSD: distinfo,v 1.24 2008/10/12 00:32:31 adrianp Exp $
-SHA1 (drupal-5.10.tar.gz) = 0c722d75608e25039ffee448a450721aba1de64a
-RMD160 (drupal-5.10.tar.gz) = d424e59aad91e7e6a95c101b0bdc98c19ae3a686
-Size (drupal-5.10.tar.gz) = 762496 bytes
+SHA1 (drupal-5.11.tar.gz) = 79eada127a061052a922ba95d6daaf19bc8e81e5
+RMD160 (drupal-5.11.tar.gz) = ca90143c58927001d38b6dd96750d1b7acce9aab
+Size (drupal-5.11.tar.gz) = 764279 bytes
Home |
Main Index |
Thread Index |
Old Index