www/drupal4 and www/drupal5: Multiple security vulnerabilities
Linh Pham
question at closedsrc.org
Thu Oct 18 13:54:31 PDT 2007
The Drupal project announced several security vulnerabilities for the
4.7.x and 5.x releases of the Drupal package. These effect two current
ports: www/drupal4 and www/drupal5.
The following are the security advisories that were posted:
4.7.x:
* DRUPAL-SA-2007-024: http://drupal.org/node/184315
* DRUPAL-SA-2007-026: http://drupal.org/node/184320
* DRUPAL-SA-2007-030: http://drupal.org/node/184354
5.x:
* DRUPAL-SA-2007-024: http://drupal.org/node/184315
* DRUPAL-SA-2007-025: http://drupal.org/node/184316
* DRUPAL-SA-2007-026: http://drupal.org/node/184320
* DRUPAL-SA-2007-029: http://drupal.org/node/184348
* DRUPAL-SA-2007-030: http://drupal.org/node/184354
While patches are available for 4.7.7 and 5.2, they recommend an update
to the latest version of the respective branches (4.7.8 and 5.3).
--
Linh Pham
question at closedsrc.org
http://closedsrc.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20071018/9236c22a/attachment.pgp
More information about the freebsd-security
mailing list