CVS commit: [pkgsrc-2009Q1] pkgsrc/www/drupal

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: [pkgsrc-2009Q1] pkgsrc/www/drupal
From: Matthias Scheler <tron%netbsd.org@localhost>
Date: Fri, 15 May 2009 11:30:51 +0000

Module Name:    pkgsrc
Committed By:   tron
Date:           Fri May 15 11:30:51 UTC 2009

Modified Files:
        pkgsrc/www/drupal [pkgsrc-2009Q1]: Makefile distinfo

Log Message:
Pullup ticket #2769 - requested by adrianp
drupal: security update

Revisions pulled up:
- www/drupal/Makefile           1.38-1.39
- www/drupal/distinfo           1.29-1.30
---
Module Name:    pkgsrc
Committed By:   adrianp
Date:           Fri May  1 19:49:42 UTC 2009

Modified Files:
        pkgsrc/www/drupal: Makefile distinfo

Log Message:
Update to 5.17

This release fixes security vulnerabilities. Sites are urged to upgrade 
immediately after reading the security announcement:

* SA-CORE-2009-005 Drupal core - Cross site scripting

In addition to this security vulnerability, the following bugs have been fixed 
since the 5.15 release:

* #150851 by pwolanin and chx: different radio buttons in the same set should 
have different HTML id values (XHTML validity fix). Backport #367689 by gollyg.
* #335741 by electricmonk. Do not recurse over non-objects.
* #287725 by mantyla. Sort by mid to avoid inconsistencies when multiple menu 
items exist for a node.
* 174940 by gpk: avoid calling up the full Drupal bootstrap for nonexistent 
favicon.ico. Backport by matt@antinomia.
* #112887 by ged3000. Adding Newfoundland DST
* #401494 by andypost. Correctly clear menu cache.
* #396224 by pwolanin: Further harden template file name discovery
* #395086 by Freso: call trim() before truncate_utf8() in comment module for 
better quality truncation.
* #197864 by vito_swat, alpritt, Murz, catch: Use hook_term_path() in forum 
module instead of hook_link_alter(); simplfies code, improves performance and 
compatibility.
---
Module Name:    pkgsrc
Committed By:   adrianp
Date:           Thu May 14 19:37:02 UTC 2009

Modified Files:
        pkgsrc/www/drupal: Makefile distinfo

Log Message:
5.18

This release fixes security vulnerabilities. Sites are urged to upgrade 
immediately after reading the security announcement:

* SA-CORE-2009-006 Drupal core - Cross site scripting

In addition to this security vulnerability, the following bugs have been fixed 
since the 5.15 release:

* #396224 partial rollback of SA-CORE-2009-003 security hardening.
* #396224 adding missing documentation comment update. By dvessel and pwolanin.
* #267305 by brianV. Remove ?>.
* #305544 by jsenich. Add missing clear-block to admin by modules.
* #330084 by c960657: Remove unnecessary duplication of the From header value 
in Reply-to; standards indicate setting the From header should be sufficient.


To generate a diff of this commit:
cvs rdiff -u -r1.37 -r1.37.2.1 pkgsrc/www/drupal/Makefile
cvs rdiff -u -r1.28 -r1.28.2.1 pkgsrc/www/drupal/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: [pkgsrc-2009Q1] pkgsrc/emulators/qemu
Next by Date: CVS commit: [pkgsrc-2009Q1] pkgsrc/www/drupal6
Previous by Thread: CVS commit: [pkgsrc-2009Q1] pkgsrc/emulators/qemu
Next by Thread: CVS commit: [pkgsrc-2009Q1] pkgsrc/www/drupal6
Indexes:

Home | Main Index | Thread Index | Old Index