---
- branch: MAIN
  date: Fri Jan 11 12:37:11 UTC 2008
  files:
  - new: '1.26'
    old: '1.25'
    path: pkgsrc/www/drupal/Makefile
    pathrev: pkgsrc/www/drupal/Makefile@1.26
    type: modified
  - new: '1.19'
    old: '1.18'
    path: pkgsrc/www/drupal/distinfo
    pathrev: pkgsrc/www/drupal/distinfo@1.19
    type: modified
  id: 20080111T123711Z.a5914d492a373326b0dd789e6245f945f16180f9
  log: "Update to 5.6\n\nThis release fixes security vulnerabilities. Sites are urged
    to upgrade immediately. For more details, please see the security announcement:\nSA-2008-005
    - Drupal core - Cross site request forgery\nSA-2008-006 - Drupal core - Cross
    site scripting (UTF8)\nSA-2008-007 - Drupal core - Cross site scripting (register_globals)\n\nIn
    addition to this security vulnerability, the following bugs have been fixed since
    the 5.5 release:\n173858 by Gç\x95¸or Hojtsy: skip UTF-8 BOM when importing locale
    files\n179164 by Heine: sort modules by name on the module admin page\n199640
    by webernet: (usability) add option to select no taxonomy term in multiselect
    forms, not to rely on browser trickery\n199084 by chx: better conformance with
    ISO date formats in our xmlrpc code\n173459 by Dave Cohen. Backport of #78487
    by FredCK, forngren and bjaspan: document support in url() and l() and proper
    active class support for .\n89218 by Gç\x95¸or Hojtsy. Properly initialize a counter
    variable and fix poll editing.\n64388 by Gç\x95¸or Hojtsy. Add missing db_rewrite_sql();
    not a security issue since it is a count() query.\n200338 by m3avrck and quicksketch:
    fix transparent GIF resizing\n194652 by Heine: specify explicit accept-charset
    for forms to avoid browser guessing\n182410 by greggles: HTTP Basic authentication
    username and password was parsed in drupal_http_request() but then not used in
    the request\n- Patch 201894 by David Rothstein: fixed typo in user output.\n180126
    by mmoreno, drewish and scor: add realpath() call to file_save_data(), so Windows
    will create temporary files properly\n115689 by chx: new content types should
    not overwrite old ones. Backport by Pancho.\n203727 by Arancaytar. More effectively
    use hook API.\n204855 by webernet. Add missing * in documentation.\n168315 by
    schuyler1d: previous active database name was not consistently returned in db_set_active()\n-
    Patch 199955 by saxofaan: file_upload_max_size() returns results in bytes, not
    in mega bytes.\n194579 patch by pwolanin: clear filter cache when allowed HTML
    tags configuration changes in an input format\n#166433 by Ralf Stamm. Use correct
    menu item type for revsion confirm pages.\n58806 by fwalch and wicksteedc. Do
    not override MENU_VISIBLE_IF_HAS_CHILDREN on editing.\nPartial backport of 112715
    to fix 124641.\n\nChanges from 5.4 -> 5.5\nFixed missing missing brackets in a
    query in the user module.\nFixed taxonomy feed bug introduced by SA-2007-031\n"
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/www/drupal'
  unixtime: '1200055031'
  user: adrianp