Imagenes de instalación de las versiones estables para Mageia y OpenMandriva.
OpenMandriva: Mageia (Mageia 9) 20/Agosto/2023 - Anuncio, Descargas.
Blogdrake recomienda descargar las imágenes de instalación (iso) vía torrent para evitar corrupción de datos, aprovechar mejor su ancho de banda y mejorar la difusión de las distribuciones.
Capi_X: Bug en Drupal.
Esto lo pongo aquí especialmente para los bofhers del site, y para todo aquel que use Drupal.
----------------------------------------------------------------------------
Drupal security advisory DRUPAL-SA-2006-001
----------------------------------------------------------------------------
Advisory ID: DRUPAL-SA-2006-001
Project: Drupal core
Date: 2006-03-13
Security risk: less critical
Impact: security bypass
Where: from remote
Vulnerability: bypass access control
----------------------------------------------------------------------------
Description
-----------
If you use menu.module to create a menu item, the page you point to will be
accessible to all, even if it is an admin page.
Versions affected
-----------------
All Drupal versions before 4.6.6.
Solution
--------
If you are running Drupal 4.5.x then upgrade to Drupal 4.5.8.
If you are running Drupal 4.6.x then upgrade to Drupal 4.6.6.
Contact
-------
The security contact for Drupal can be reached at security@drupal.org
or using the form at http://drupal.org/contact.
More information is available from http://drupal.org/security or from
our security RSS feed http://drupal.org/security/rss.xml.
// Uwe Hermann, on behalf of the Drupal Security Team.
-- Uwe Hermann http://www.hermann-uwe.de http://www.it-services-uh.de | http://www.crazy-hacks.org http://www.holsham-traders.de | http://www.unmaintained-free-software.org
----------------------------------------------------------------------------
Drupal security advisory DRUPAL-SA-2006-001
----------------------------------------------------------------------------
Advisory ID: DRUPAL-SA-2006-001
Project: Drupal core
Date: 2006-03-13
Security risk: less critical
Impact: security bypass
Where: from remote
Vulnerability: bypass access control
----------------------------------------------------------------------------
Description
-----------
If you use menu.module to create a menu item, the page you point to will be
accessible to all, even if it is an admin page.
Versions affected
-----------------
All Drupal versions before 4.6.6.
Solution
--------
If you are running Drupal 4.5.x then upgrade to Drupal 4.5.8.
If you are running Drupal 4.6.x then upgrade to Drupal 4.6.6.
Contact
-------
The security contact for Drupal can be reached at security@drupal.org
or using the form at http://drupal.org/contact.
More information is available from http://drupal.org/security or from
our security RSS feed http://drupal.org/security/rss.xml.
// Uwe Hermann, on behalf of the Drupal Security Team.
-- Uwe Hermann http://www.hermann-uwe.de http://www.it-services-uh.de | http://www.crazy-hacks.org http://www.holsham-traders.de | http://www.unmaintained-free-software.org
----------------------------------------------------------------------------
Drupal security advisory DRUPAL-SA-2006-003
----------------------------------------------------------------------------
Advisory ID: DRUPAL-SA-2006-003
Project: Drupal core
Date: 2006-03-13
Security risk: less critical
Impact: hijacking
Where: from remote
Vulnerability: session fixation attack
----------------------------------------------------------------------------
Description
-----------
If someone creates a clever enough URL and convinces you to click on it, and
you later log in but you do not log off then the attacker may be able to
impersonate you.
Versions affected
-----------------
All Drupal versions before 4.6.6.
Solution
--------
The fix to this issue requires PHP 4.3.2 or higher, which is higher than the
minimum requirements for the Drupal 4.5.x branch. If you are still running
an older version of PHP, you must upgrade it or this issue will not be
fixed.
If you are running Drupal 4.5.x then upgrade to Drupal 4.5.8.
If you are running Drupal 4.6.x then upgrade to Drupal 4.6.6.
Reported by
-----------
Markus Petrux
Contact
-------
The security contact for Drupal can be reached at security@drupal.org
or using the form at http://drupal.org/contact.
More information is available from http://drupal.org/security or from
our security RSS feed http://drupal.org/security/rss.xml.
// Uwe Hermann, on behalf of the Drupal Security Team.
-- Uwe Hermann http://www.hermann-uwe.de http://www.it-services-uh.de | http://www.crazy-hacks.org http://www.holsham-traders.de | http://www.unmaintained-free-software.org
----------------------------------------------------------------------------
Drupal security advisory DRUPAL-SA-2006-004
----------------------------------------------------------------------------
Advisory ID: DRUPAL-SA-2006-004
Project: Drupal core
Date: 2006-03-13
Security risk: moderately critical
Impact: security bypass
Where: from remote
Vulnerability: mail header injection attack
----------------------------------------------------------------------------
Description
-----------
Linefeeds and carriage returns were not being stripped from email headers,
raising the possibility of bogus headers being inserted into outgoing email.
This could lead to Drupal sites being used to send unwanted email.
Versions affected
-----------------
All Drupal versions before 4.6.6.
Solution
--------
If you are running Drupal 4.5.x then upgrade to Drupal 4.5.8.
If you are running Drupal 4.6.x then upgrade to Drupal 4.6.6.
Reported by
-----------
Norrin, kbahey
Contact
-------
The security contact for Drupal can be reached at security@drupal.org
or using the form at http://drupal.org/contact.
More information is available from http://drupal.org/security or from
our security RSS feed http://drupal.org/security/rss.xml.
// Uwe Hermann, on behalf of the Drupal Security Team.
-- Uwe Hermann http://www.hermann-uwe.de http://www.it-services-uh.de | http://www.crazy-hacks.org http://www.holsham-traders.de | http://www.unmaintained-free-software.org