Change log for drupal6 package in Ubuntu

127 of 27 results
Deleted in saucy-release on 2015-04-28 (Reason: (From Debian) RoQA; obsolete; Debian bug #708746)
Obsolete in raring-release on 2015-04-24
Obsolete in quantal-release on 2015-04-24
drupal6 (6.26-1.1ubuntu1) quantal; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - adding debconf note to guide user post install
  * Droped change, applied in debian:
    - debian/rules: Add PACKAGE variable, fix FTBFS (Closes: #673295)

Available diffs

Superseded in quantal-release on 2012-05-31
drupal6 (6.26-1ubuntu1) quantal; urgency=low

  * Merge from debian unstable.  Remaining changes:
    - adding debconf note to guide user post install
  * debian/rules: Add PACKAGE variable, fix FTBFS (Closes: #673295)

Available diffs

Superseded in quantal-release on 2012-05-17
Published in precise-release on 2011-10-13
Obsolete in oneiric-release on 2015-04-24
drupal6 (6.22-1ubuntu1) oneiric; urgency=low

  * Merge from debian unstable.  Remaining changes:
    - adding debconf note to guide user post install

Available diffs

Superseded in oneiric-release on 2011-06-20
drupal6 (6.20-2ubuntu1) oneiric; urgency=low

  * Merge from debian unstable. Remaining change:
    - adding debconf note to guide user post install (LP: #370994)

Available diffs

Superseded in oneiric-release on 2011-05-16
Obsolete in natty-release on 2013-06-04
drupal6 (6.20-1ubuntu1) natty; urgency=low

  * Merge from debian unstable. Remaining change:
    - adding debconf note to guide user post install (LP: #370994)

Available diffs

Obsolete in karmic-updates on 2013-03-04
Obsolete in karmic-security on 2013-03-04
Superseded in karmic-security on 2011-02-09
drupal6 (6.12-1.1ubuntu1.2) karmic-security; urgency=low

  * SECURITY UPDATE: Multiple vulnerabilities and weaknesses
    (OpenID authentication bypass, file download access bypass,
    comment unpublishing bypass, and actions cross site scripting)
    were discovered in Drupal. (LP: #539056)
    - debian/patches/21_SA-CORE-2010-002.dpatch
    - CVE-2010-3685
    - CVE-2010-3686
    - SA-CORE-2010-002
  * SECURITY UPDATE: Multiple vulnerabilities and weaknesses
    (installation cross site scripting, open redirection, locale
    module cross site scripting and blocked user session regeneration)
    were discovered in Drupal. (LP: #539056)
    - debian/patches/21_SA-CORE-2010-002.dpatch
    - CVE-2010-3091
    - CVE-2010-3092
    - CVE-2010-3093
    - CVE-2010-3094
    - SA-CORE-2010-001
 -- Artur Rona <email address hidden>   Tue, 28 Dec 2010 01:56:09 +0100
Obsolete in lucid-updates on 2016-10-26
Obsolete in lucid-security on 2016-10-26
Superseded in lucid-security on 2011-02-09
drupal6 (6.16-1ubuntu0.1) lucid-security; urgency=low

  * SECURITY UPDATE: Multiple vulnerabilities and weaknesses
    (OpenID authentication bypass, file download access bypass,
    comment unpublishing bypass, and actions cross site scripting)
    were discovered in Drupal. (LP: #539056)
    - debian/patches/21_SA-CORE-2010-002.dpatch
    - CVE-2010-3685
    - CVE-2010-3686
    - SA-CORE-2010-002
 -- Artur Rona <email address hidden>   Tue, 28 Dec 2010 01:23:57 +0100
Superseded in natty-release on 2011-02-19
Obsolete in maverick-release on 2013-03-05
drupal6 (6.18-1ubuntu1) maverick; urgency=low

  * adding debconf note to guide user post install (LP: #370994)
 -- Clint Byrum <email address hidden>   Wed, 06 Oct 2010 13:03:22 +0200

Available diffs

Superseded in maverick-release on 2010-10-06
drupal6 (6.18-1) unstable; urgency=high

  [ Luigi Gangitano ]
  * Urgency high due to security fixes

  * New upstream release
    - Fixes multiple remote vulnerabilities (Closes: #592716)
      (Ref: SA-CORE-2010-002, CVE-TBA)

  * debian/control
    - Bumped Standard-Version to 3.9.1.0, no change needed
 -- Artur Rona <email address hidden>   Tue, 24 Aug 2010 16:17:22 +0200

Available diffs

Superseded in maverick-release on 2010-08-30
drupal6 (6.17-2) unstable; urgency=low

  * debian/control
    - Removed dependency on exim4, now depends on default-mda (Closes: #587239)
    - Bumped Standard-Version to 3.9.0, no change needed

  * debian/drupal6.postrm
    - Made postrm check for restart.sh in case dependencies were not properly
      installed (thanks to Bhavani Shankar.R, from Ubuntu)

Available diffs

Superseded in maverick-release on 2010-07-01
drupal6 (6.16-1ubuntu1) maverick; urgency=low

  * Changing exim4 to default-mta (LP: #582255)
  * made postrm check for restart.sh in case dependencies
    were not properly installed. (LP: #583576)
 -- Clint Byrum <email address hidden>   Tue, 18 May 2010 13:32:55 -0700

Available diffs

Superseded in maverick-release on 2010-05-21
Obsolete in lucid-release on 2016-10-26
drupal6 (6.16-1) unstable; urgency=high

  [ Luigi Gangitano ]  
  * Urgency high due to security fixes

  * New upstream release
    - Fixes multiple vulnerabilities (Closes: #572439)
      (Ref: SA-CORE-2010-001, CVE-TBA)

Available diffs

Superseded in karmic-updates on 2011-02-09
Superseded in karmic-security on 2011-02-09
drupal6 (6.12-1.1ubuntu1.1) karmic-security; urgency=low

  * debian/patches/22_SA-CORE-2009-009.dpatch:
    - SECURITY UPDATE due to multiple vulnerabilities
      and weaknesses were discovered in Drupal (LP: #510421)
    - CVE-2009-4369
    - CVE-2009-4370
    - CVE-2009-4371
 -- Artur Rona <email address hidden>   Mon, 22 Feb 2010 00:13:26 +0100
Obsolete in jaunty-updates on 2013-02-28
Obsolete in jaunty-security on 2013-02-28
drupal6 (6.10-1ubuntu0.2) jaunty-security; urgency=low

  * debian/patches/22_SA-CORE-2009-009.dpatch:
    - SECURITY UPDATE due to multiple vulnerabilities
      and weaknesses were discovered in Drupal (LP: #510421)
    - CVE-2009-4369
    - CVE-2009-4370
    - CVE-2009-4371
 -- Artur Rona <email address hidden>   Mon, 22 Feb 2010 00:12:33 +0100
Superseded in lucid-release on 2010-04-12
drupal6 (6.15-1) unstable; urgency=low

  * New upstream release (Closes: #561726)
    - Fixes several XSS vulnerabilities (Closes: #562165)
      (Ref: SA-CORE-2009-009, CVE-2009-4369, CVE-2009-4370, CVE-2009-4371)

  * debian/rules
    - Use dh_prep instead of dh_clean -k

  * debian/control
    - Upgraded versioned dependency on debhelper to 7

  * debian/README.source
    - Added directions on source handling
 -- Ubuntu Archive Auto-Sync <email address hidden>   Mon,  18 Jan 2010 07:30:21 +0000

Available diffs

Superseded in lucid-release on 2010-01-18
drupal6 (6.14-1) unstable; urgency=low

  * New upstream release
    - Removed security patches integrate upstream
      + 20_SA-CORE-2009-007
    - Fixes multiple vulnerabilities (Ref: SA-CORE-2009-008)
      (Closes: #547140)

  * debian/control
    - Bumped Standard-Version to 3.8.3, no change needed

  * debian/compat
    - Switch debhelper compatibility to 7

  * debian/copyright
    - Added reference to copyright file with version

Available diffs

Superseded in lucid-release on 2009-12-05
drupal6 (6.12-1.1ubuntu2) lucid; urgency=low

  * debian/control, debian/drupal6.postinst: Drop wwwconfig as we get it ready for main.
 -- Chuck Short <email address hidden>   Fri, 04 Dec 2009 13:37:42 -0500

Available diffs

Superseded in jaunty-updates on 2010-02-23
Superseded in jaunty-security on 2010-02-22
drupal6 (6.10-1ubuntu0.1) jaunty-security; urgency=low

  * debian/patches/18_SA-CORE-2009-005.dpatch:
    - Fix cross site scripting, see SA-CORE-2009-005
    - CVE-2009-1576
  * debian/patches/19_SA-CORE-2009-006.dpatch:
    - Fix cross site scripting, see SA-CORE-2009-006
  * debian/patches/20_SA-CORE-2009-007.dpatch:
    - Fix possible password leakage via URLs.
    - CVE-2009-2372
    - CVE-2009-2373
    - CVE-2009-2374
  * debian/patches/21_SA-CORE-2009-008.dpatch:
    - Fix security issues (session fixation),
      see SA-CORE-2009-008 (LP: #431080)

 -- Artur Rona <email address hidden>   Sun, 25 Oct 2009 16:19:12 +0100
Superseded in lucid-release on 2009-12-04
Obsolete in karmic-release on 2013-03-04
drupal6 (6.12-1.1ubuntu1) karmic; urgency=high

  * debian/patches/21_SA-CORE-2009-008.dpatch:
    - Fixed security issues (session fixation),
      see SA-CORE-2009-008 (LP: #431080).
  * debian/README.source: Added for silence lintian's warning.

 -- Artur Rona <email address hidden>   Sat, 10 Oct 2009 18:42:02 +0200

Available diffs

Superseded in karmic-release on 2009-10-16
drupal6 (6.12-1.1) unstable; urgency=high

  * Non-maintainer upload by the Security Team.
  * Apply upstream patch to fix:
    - XSS in the forum module
    - Input format access bypass via signatures
    - Password leakage via URLs
    (no CVE id yet; SA-CORE-2009-007; Closes: #535435).

 -- Michael Bienia <email address hidden>   Thu,  09 Jul 2009 00:21:04 +0100

Available diffs

Superseded in karmic-release on 2009-07-09
drupal6 (6.12-1) unstable; urgency=low

  [ Luigi Gangitano ]
  * New upstream release (Closes: #529309)
    (Acknoledges NMU by Security Team) (Closes: #531386)
    - Removed security patch integrate upstream
      + 20_xss

  * debian/{control,rules,links}
    - Removed dependency on libjs-jquery and use jquery.js from drupal
      sources to avoid conflict with newer version of jquery
      (Closes: #530779)

 -- Ubuntu Archive Auto-Sync <email address hidden>   Thu,  04 Jun 2009 05:47:30 +0100

Available diffs

Superseded in karmic-release on 2009-06-04
drupal6 (6.11-1.1) unstable; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fix several XSS issues (SA-CORE-2009-006; Closes: #529190).

 -- Ubuntu Archive Auto-Sync <email address hidden>   Mon,  01 Jun 2009 10:42:07 +0100

Available diffs

Superseded in karmic-release on 2009-06-01
drupal6 (6.11-1) unstable; urgency=low

  [ Luigi Gangitano ]
  * New upstream release
    - Fixes XSS vulnerability (Ref: SA-CORE-2009-005, CVE-TBD)
      (Closes: #526378)

 -- Ubuntu Archive Auto-Sync <email address hidden>   Tue,  05 May 2009 09:14:22 +0100

Available diffs

Superseded in karmic-release on 2009-05-05
Obsolete in jaunty-release on 2013-02-28
drupal6 (6.10-1) unstable; urgency=low

  [ Luigi Gangitano ]
  * New upstream release
    - This version fixes two Windows-only security issues
      (Ref: SA-CORE-2009-003, SA-CORE-2009-004)
      Debian is not affected by this vulnerabilites

Available diffs

Superseded in jaunty-release on 2009-04-03
drupal6 (6.6-3) unstable; urgency=high

  [ Luigi Gangitano ]  
  * Urgency high due to security fixes

  * debian/patches/13_SA-CORE-2009-001
    - Added upstream patch fixing multiple vulnerabilities
      (Ref: SA-CORE-2009-001, CVE-TBD)

Available diffs

Superseded in jaunty-release on 2009-01-21
drupal6 (6.6-1.1) unstable; urgency=high

  * Non-maintainer upload.
  * Urgency high because this fixes a security issue
  * Include upstream patch for SA-2008-073, to fix a security issue:
    The update system is vulnerable to Cross site request forgeries. Malicious
    users may cause the superuser (user 1) to execute old updates that may
    damage the database.
    (Closes: #508473)

 -- Ubuntu Archive Auto-Sync <email address hidden>   Mon,  15 Dec 2008 10:20:07 +0000

Available diffs

Superseded in jaunty-release on 2008-12-15
drupal6 (6.6-1) unstable; urgency=high

  [ Luigi Gangitano ]  
  * Urgency high due to security fixes

  * New upstream release
    - Fixes two security vulnerabilities
      (Ref: SA-2008-067, CVE-TBA) (Closes: #503222)

  * debian/drual6.postrm
    - Fixed missing -e option to make lintian happy

  * debian/patches/10_cronjob.dpatch
    - Added patch descritpion to make lintian happy

  * debian/control
    - Bumped Standard-Version to 3.8.0, no change needed

  * debian/{control,rules,links}
    - Added dependency on libjs-jquery and use jquery.js from it

127 of 27 results