[ubuntu/lucid-security] mahara, mahara_1.2.4-1ubuntu0.3_i386_translations.tar.gz (delayed) 1.2.4-1ubuntu0.3 (Accepted)

Ubuntu Installer archive at ubuntu.com
Wed May 18 17:03:39 UTC 2011 

mahara (1.2.4-1ubuntu0.3) lucid-security; urgency=low

  * SECURITY UPDATE: fixes to session key validation (CSRF)
    - debian/patches/CVE-2011-1403.patch: upstream patch

  * SECURITY UPDATE: privilege escalations
    - debian/patches/CVE-2011-1402.patch: upstream patch

  * SECURITY UPDATE: information disclosure in AJAX calls
    - debian/patches/CVE-2011-1404.patch: upstream patch

  * SECURITY UPDATE: https to http downgrade
    - debian/patches/CVE-2011-1406.patch: upstream patch

  * SECURITY UPDATE: sanitisation of HTML emails
    - debian/patches/CVE-2011-1405.patch: upstream patch

Date: Tue, 10 May 2011 16:33:40 +1200
Changed-By: Francois Marier <francois at debian.org>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/mahara/1.2.4-1ubuntu0.3
-------------- next part --------------
Format: 1.8
Date: Tue, 10 May 2011 16:33:40 +1200
Source: mahara
Binary: mahara mahara-apache2
Architecture: source
Version: 1.2.4-1ubuntu0.3
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Francois Marier <francois at debian.org>
Description: 
 mahara     - Electronic portfolio, weblog, and resume builder
 mahara-apache2 - Electronic portfolio, weblog, and resume builder - apache2 config
Changes: 
 mahara (1.2.4-1ubuntu0.3) lucid-security; urgency=low
 .
   * SECURITY UPDATE: fixes to session key validation (CSRF)
     - debian/patches/CVE-2011-1403.patch: upstream patch
 .
   * SECURITY UPDATE: privilege escalations
     - debian/patches/CVE-2011-1402.patch: upstream patch
 .
   * SECURITY UPDATE: information disclosure in AJAX calls
     - debian/patches/CVE-2011-1404.patch: upstream patch
 .
   * SECURITY UPDATE: https to http downgrade
     - debian/patches/CVE-2011-1406.patch: upstream patch
 .
   * SECURITY UPDATE: sanitisation of HTML emails
     - debian/patches/CVE-2011-1405.patch: upstream patch
Checksums-Sha1: 
 97ecdba1e41d4f0e724287ec3130b81339bfe42e 2021 mahara_1.2.4-1ubuntu0.3.dsc
 60af8aa3c3c26ab6b888f7c1c6128d5682dc7c95 31167 mahara_1.2.4-1ubuntu0.3.debian.tar.gz
Checksums-Sha256: 
 2c525eae4a0ff85a9fb4977a1e97169615fbe0c2e9db249ba2f7c717c5e8e886 2021 mahara_1.2.4-1ubuntu0.3.dsc
 be2ae130ab0c8ed5128a50657358cd76db0189fc2266454d36aeca5b3a255dbf 31167 mahara_1.2.4-1ubuntu0.3.debian.tar.gz
Files: 
 67a7dd6f5223586cd1c37ced84b5867c 2021 web optional mahara_1.2.4-1ubuntu0.3.dsc
 3d930dc0a2d0e0a33f8d044b0cb7d78b 31167 web optional mahara_1.2.4-1ubuntu0.3.debian.tar.gz
Original-Maintainer: Mahara Packaging Team <mahara-packaging at lists.launchpad.net>

More information about the Lucid-changes mailing list