[SECURITY] Fedora 9 Update: drupal-6.11-1.fc9

updates at fedoraproject.org updates at fedoraproject.org
Sat May 2 16:40:42 UTC 2009


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-4203
2009-05-02 16:03:17
--------------------------------------------------------------------------------

Name        : drupal
Product     : Fedora 9
Version     : 6.11
Release     : 1.fc9
URL         : http://www.drupal.org
Summary     : An open-source content-management platform
Description :
Equipped with a powerful blend of features, Drupal is a Content Management
System written in PHP that can support a variety of websites ranging from
personal weblogs to large community-driven websites.  Drupal is highly
configurable, skinnable, and secure.

--------------------------------------------------------------------------------
Update Information:

6.11, Fix for SA-CORE-2009-005.    See http://drupal.org/node/449078 for more
information.    Remember to log in to your site as the admin user before
upgrading this package. After upgrading the package, browse to
http://host/drupal/update.php to run the upgrade script.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 30 2009 Jon Ciesla <limb at jcomserv.net> - 6.11-1
- Update to 6.11, SA-CORE-2009-005.
* Mon Apr 27 2009 Jon Ciesla <limb at jcomserv.net> - 6.10-2
- Added SELinux/sendmail note to README, BZ 497642.
* Thu Feb 26 2009 Jon Ciesla <limb at jcomserv.net> - 6.10-1
- Update to 6.10, SA-CORE-2009-003.
* Tue Feb 17 2009 Jon Ciesla <limb at jcomserv.net> - 6.9-2
- Drop pre script for files move, 472642.
- Updated drupal-README.fedora.
- Mark cron job noreplace, BZ 485567.
* Thu Jan 15 2009 Jon Ciesla <limb at jcomserv.net> - 6.9-1
- Upgrade to 6.9, SA-CORE-2009-001.
* Fri Jan  2 2009 Jon Ciesla <limb at jcomserv.net> - 6.8-1
- Upgrade to 6.8.
- Move files directories from sites to /var/lib/drupal/files/N for selinux reasons, 472642.
- Included script to move files outside of default, use at your own risk, patches welcome.
* Thu Dec 11 2008 Jon Ciesla <limb at jcomserv.net> - 6.7-1
- Upgrade to 6.7, SA-2008-073.
* Wed Oct 22 2008 Jon Ciesla <limb at jcomserv.net> - 6.6-1
- Upgrade to 6.6, SA-2008-067.
* Thu Oct  9 2008 Jon Ciesla <limb at jcomserv.net> - 6.5-1
- Upgrade to 6.5, SA-2008-060.
- Added notes to README and drupal.conf re CVE-2008-3661.
* Thu Aug 14 2008 Jon Ciesla <limb at jcomserv.net> - 6.4-1
- Upgrade to 6.4, SA-2008-047.
* Thu Jul 10 2008 Jon Ciesla <limb at jcomserv.net> - 6.3-1
- Upgrade to 6.3, upstream security fixes, SA-2008-044.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #498643 - drupal: XSS vulnerability in < 6.11 (SA-CORE-2009-005)
        https://bugzilla.redhat.com/show_bug.cgi?id=498643
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update drupal' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------




More information about the package-announce mailing list