[ubuntu/karmic-security] mahara, mahara_1.1.5-1ubuntu0.3_i386_translations.tar.gz (delayed) 1.1.5-1ubuntu0.3 (Accepted)

Thu Jul 8 19:03:27 BST 2010

mahara (1.1.5-1ubuntu0.3) karmic-security; urgency=low

  * SECURITY UPDATE: multiple cross-site scripting vulnerabilities
    - debian/patches/CVE-2010-1667.dpatch: upstream patch
    - CVE-2010-1667

  * SECURITY UPDATE: multiple cross-site request forgery vulnerabilities
    - debian/patches/CVE-2010-1668.dpatch: upstream patch
    - CVE-2010-1668

  * SECURITY UPDATE: SQL injection
    - debian/patches/CVE-2010-1669.dpatch: upstream patch
    - CVE-2010-1669

  * SECURITY UPDATE: unsafe auth plugins configuration options
    - debian/patches/CVE-2010-1670.dpatch: upstream patch
    - CVE-2010-1670

  * SECURITY UPDATE: IE-only cross-site scripting bug in HTML Purifier
    - depend on php-htmlpurifier and stop using the bundled version
    - CVE-2010-2479

Date: Thu, 08 Jul 2010 15:27:38 +1200
Changed-By: Francois Marier <francois at debian.org>
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/mahara/1.1.5-1ubuntu0.3
-------------- next part --------------
Format: 1.8
Date: Thu, 08 Jul 2010 15:27:38 +1200
Source: mahara
Binary: mahara mahara-apache2
Architecture: source
Version: 1.1.5-1ubuntu0.3
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Changed-By: Francois Marier <francois at debian.org>
Description: 
 mahara     - Electronic portfolio, weblog, and resume builder
 mahara-apache2 - Electronic portfolio, weblog, and resume builder - apache2 config
Changes: 
 mahara (1.1.5-1ubuntu0.3) karmic-security; urgency=low
 .
   * SECURITY UPDATE: multiple cross-site scripting vulnerabilities
     - debian/patches/CVE-2010-1667.dpatch: upstream patch
     - CVE-2010-1667
 .
   * SECURITY UPDATE: multiple cross-site request forgery vulnerabilities
     - debian/patches/CVE-2010-1668.dpatch: upstream patch
     - CVE-2010-1668
 .
   * SECURITY UPDATE: SQL injection
     - debian/patches/CVE-2010-1669.dpatch: upstream patch
     - CVE-2010-1669
 .
   * SECURITY UPDATE: unsafe auth plugins configuration options
     - debian/patches/CVE-2010-1670.dpatch: upstream patch
     - CVE-2010-1670
 .
   * SECURITY UPDATE: IE-only cross-site scripting bug in HTML Purifier
     - depend on php-htmlpurifier and stop using the bundled version
     - CVE-2010-2479
Checksums-Sha1: 
 94e439c070ba7c623c2f3e72475a38e35d51ed62 1388 mahara_1.1.5-1ubuntu0.3.dsc
 84d22f4e6c13c82978f2eec5a63e4a7a377ee52a 28487 mahara_1.1.5-1ubuntu0.3.diff.gz
Checksums-Sha256: 
 d94c306155c18f56f0836b5567ad64caaacb78b29274996284a7da3c1e38ee6d 1388 mahara_1.1.5-1ubuntu0.3.dsc
 59509e4b3c8e722bd3d18811615b2b904020ede4233c5610c6d47f29dbe2a858 28487 mahara_1.1.5-1ubuntu0.3.diff.gz
Files: 
 c71fa3a30c0ae20bfe392d08c9629d41 1388 web optional mahara_1.1.5-1ubuntu0.3.dsc
 4253fc9f6509a3eb4d5fe1477f005e2a 28487 web optional mahara_1.1.5-1ubuntu0.3.diff.gz
Original-Maintainer: Mahara Debian Packaging Team <pkg-debian at mahara.org>