Information on source package drupal6

Available versions

ReleaseVersion
squeeze6.18-1squeeze1
wheezy6.22-1
sid6.26-1

Open issues

BugDescription
CVE-2012-0825
CVE-2012-0826

Open unimportant issues

BugDescription
TEMP-0000000-57BF72XSS in drupal printing module
TEMP-0000000-8FB0B7XSS in drupal 6 calendar field

Resolved issues

BugDescription
CVE-2008-3661Drupal, probably 5.10 and 6.4, does not set the secure flag for the ...
CVE-2008-4789The validation functionality in the core upload module in Drupal 6.x ...
CVE-2008-4791The user module in Drupal 5.x before 5.11 and 6.x before 6.5 might ...
CVE-2008-4792The core BlogAPI module in Drupal 5.x before 5.11 and 6.x before 6.5 ...
CVE-2008-4793The node module API in Drupal 5.x before 5.11 allows remote attackers ...
CVE-2008-6170Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and ...
CVE-2008-6171includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, ...
CVE-2008-6532Multiple cross-site request forgery (CSRF) vulnerabilities in the ...
CVE-2008-6533Drupal 5.x before 5.13 and 6.x before 6.7 does not delete all related ...
CVE-2009-0382Unspecified vulnerability in Internationalization (i18n) Translation ...
CVE-2009-1575Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.17 and ...
CVE-2009-1576Unspecified vulnerability in Drupal 5.x before 5.17 and 6.x before ...
CVE-2009-1844Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x ...
CVE-2009-2372Drupal 6.x before 6.13 does not prevent users from modifying user ...
CVE-2009-2373Cross-site scripting (XSS) vulnerability in the Forum module in Drupal ...
CVE-2009-2374Drupal 5.x before 5.19 and 6.x before 6.13 does not properly sanitize ...
CVE-2009-4369Cross-site scripting (XSS) vulnerability in the Contact module ...
CVE-2009-4370Cross-site scripting (XSS) vulnerability in the Menu module ...
CVE-2009-4371Cross-site scripting (XSS) vulnerability in the Locale module ...
CVE-2010-2250Installation cross site scripting
CVE-2010-2471Open redirection
CVE-2010-2472Locale module cross site scripting
CVE-2010-2473Blocked user session regeneration
CVE-2010-3091The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...
CVE-2010-3092The upload module in Drupal 5.x before 5.23 and 6.x before 6.18 does ...
CVE-2010-3093The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 ...
CVE-2010-3094Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x ...
CVE-2010-3685The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...
CVE-2010-3686The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x ...
CVE-2011-2687Drupal 7.x before 7.3 allows remote attackers to bypass intended ...
CVE-2012-0827
TEMP-0000000-FC3A86unspecified multiple Drupal vulnerabilies, likely some overlap with the next temp entry
TEMP-0503222-4ACACFXSS in book module in drupal
TEMP-0503222-760085local file inclusion in drupal
TEMP-0547140-24A459SA-CORE-2009-008

Security announcements

DSADescription
DSA-2113-1drupal6 - several vulnerabilities
DSA-2016-1drupal6 - several vulnerabilities
DSA-1930-1drupal6 - several vulnerabilities
DSA-1808-1drupal6 - insufficient input sanitising
DSA-1792-1drupal6 - multiple vulnerabilities
Search for package or bug name: Reporting problems

Home - Testing Security Team - Debian Security - Source (SVN)