[SECURITY] Fedora 7 Update: drupal-5.3-1.fc7

updates at fedoraproject.org updates at fedoraproject.org
Wed Oct 24 07:15:27 UTC 2007 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-2649
2007-10-24 07:15:23.618844
--------------------------------------------------------------------------------

Name        : drupal
Product     : Fedora 7
Version     : 5.3
Release     : 1.fc7
URL         : http://www.drupal.org
Summary     : An open-source content-management platform
Description :
Equipped with a powerful blend of features, Drupal is a Content Management
System written in PHP that can support a variety of websites ranging from
personal weblogs to large community-driven websites.  Drupal is highly
configurable, skinnable, and secure.

--------------------------------------------------------------------------------
Update Information:

- Upgrade to 5.3, fixes:
- HTTP response splitting.
- Arbitrary code execution.
- Cross-site scripting.
- Cross-site request forgery.
- Access bypass.

Remember to log in to your site as the admin user before upgrading this package.  After upgrading the package, browse to http://host/drupal/update.php to run the upgrade script.
--------------------------------------------------------------------------------
References:

  [ 1 ] CVE-2007-5593
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5593
  [ 2 ] CVE-2007-5594
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5594
  [ 3 ] CVE-2007-5595
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5595
  [ 4 ] CVE-2007-5596
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5596
  [ 5 ] CVE-2007-5597
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5597
--------------------------------------------------------------------------------
Updated packages:

41c95f8bb4ba179a7307a6fc62cf37bb95924371 drupal-5.3-1.fc7.noarch.rpm
f5cf193c22cec390c1165dcf75ac6f2c378afce9 drupal-5.3-1.fc7.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update drupal' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

More information about the package-announce mailing list