[SRU] Sync drupal7 7.43-3 (universe) from Debian unstable (main)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
drupal7 (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Xenial |
Fix Released
|
High
|
Unassigned |
Bug Description
Drupal7 in 16.04 has been left as broken while we wait on upstream Drupal7 to gain PHP7.0 compatibility. This has been achieved in Debian's current version, which we should be able to sync as we have no delta currently.
[Impact]
* drupal7 is currently uninstallable in 16.04.
[Test Case]
* There is no test case for this issue, other than attempting to install drupal7 itself, which will currently fail due to php5 dependencies.
[Regression Potential]
* As drupal7 is currently uninstallable, there is no possibility of regression in 16.04 itself.
[Other Info]
* To reiterate, the plan for drupal7 in 16.04 was to wait for PHP7 compatibility to be available and to SRU in the corresponding version.
Please sync drupal7 7.43-3 (universe) from Debian unstable (main)
Changelog entries since current xenial version 7.41-1:
drupal7 (7.43-3) unstable; urgency=medium
* Moved the farbstatic sources from debian/
todebian/
* The right name for one of our conditional dependencies is no longer
php-sqlite, but php-sqlite3. Thanks to Nish Aravamudan for pointing
this out!
-- Gunnar Wolf <email address hidden> Mon, 09 May 2016 12:25:34 -0500
drupal7 (7.43-2) unstable; urgency=medium
* Update dependencies to use PHP 7 instead of 5 (Closes: #821482)
* Updated debian/watch to work reliably
* Standards-version 3.9.6.0→3.9.8 (no changes needed)
-- Gunnar Wolf <email address hidden> Mon, 09 May 2016 10:54:11 -0500
drupal7 (7.43-1) unstable; urgency=high
* New upstream version
* Fixes several security vulnerabilities (SA-CORE-2016-001): File
upload access bypass and DoS, brute force amplification attack via
XML-RPC, open redirect via path manipulation, reflected file
download, wrong modes set on some user accounts setting saves,
information disclosure of email addresses
* Several non-security bugfixes from 7.42 included
* Fix typo in README.Debian
* Add several needed lintian overrides
-- Gunnar Wolf <email address hidden> Thu, 25 Feb 2016 22:43:55 -0600
Changed in drupal7 (Ubuntu): | |
importance: | Undecided → Wishlist |
description: | updated |
summary: |
- Sync drupal7 7.43-3 (universe) from Debian unstable (main) + [SRU] Sync drupal7 7.43-3 (universe) from Debian unstable (main) |
tags: | added: xenial |
tags: | added: upgrade-software-version |
Changed in drupal7 (Ubuntu): | |
importance: | Wishlist → Low |
Changed in drupal7 (Ubuntu): | |
status: | New → Fix Released |
Changed in drupal7 (Ubuntu Xenial): | |
importance: | Undecided → Low |
Thanks for the pointers! I've uploaded a backported version to xenial. I'll subscribe the SRU team here for the next steps.