drupal6 -- several vulnerabilities

2013-10-11T00:00:00
ID DSA-2776
Type debian
Reporter Debian
Modified 2013-10-11T00:00:00

Description

Multiple vulnerabilities have been been fixed in the Drupal content management framework, resulting in information disclosure, insufficient validation, cross-site scripting and cross-site request forgery.

For the oldstable distribution (squeeze), these problems have been fixed in version 6.28-1.

For the stable distribution (wheezy), these problems have already been fixed in the drupal7 package.

For the unstable distribution (sid), these problems have already been fixed in the drupal7 package.

We recommend that you upgrade your drupal6 packages.