LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora alert FEDORA-2007-2649 (drupal)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 7 Update: drupal-5.3-1.fc7


Date:
    	      Wed, 24 Oct 2007 00:15:27 -0700


Message-ID:
    	      <200710240715.l9O7FQja023071@bastion.fedora.phx.redhat.com>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-2649
2007-10-24 07:15:23.618844
--------------------------------------------------------------------------------

Name        : drupal
Product     : Fedora 7
Version     : 5.3
Release     : 1.fc7
URL         : http://www.drupal.org
Summary     : An open-source content-management platform
Description :
Equipped with a powerful blend of features, Drupal is a Content Management
System written in PHP that can support a variety of websites ranging from
personal weblogs to large community-driven websites.  Drupal is highly
configurable, skinnable, and secure.

--------------------------------------------------------------------------------
Update Information:

- Upgrade to 5.3, fixes:
- HTTP response splitting.
- Arbitrary code execution.
- Cross-site scripting.
- Cross-site request forgery.
- Access bypass.

Remember to log in to your site as the admin user before upgrading this package.  After upgrading
the package, browse to http://host/drupal/update.php to run the upgrade script.
--------------------------------------------------------------------------------
References:

  [ 1 ] CVE-2007-5593
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200...
  [ 2 ] CVE-2007-5594
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200...
  [ 3 ] CVE-2007-5595
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200...
  [ 4 ] CVE-2007-5596
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200...
  [ 5 ] CVE-2007-5597
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200...
--------------------------------------------------------------------------------
Updated packages:

41c95f8bb4ba179a7307a6fc62cf37bb95924371 drupal-5.3-1.fc7.noarch.rpm
f5cf193c22cec390c1165dcf75ac6f2c378afce9 drupal-5.3-1.fc7.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update drupal' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds