[Bug 366548] [NEW] Please sync mahara 1.1.3-1 (universe) from Debian unstable (main).

Launchpad Bug Tracker 366548 at bugs.launchpad.net
Sat Apr 25 06:48:11 BST 2009 

You have been subscribed to a public bug by Scott Kitterman (kitterman):

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 affects ubuntu
 status confirmed
 importance wishlist
 subscribe ubuntu-archive

Please sync mahara 1.1.3-1 (universe) from Debian unstable (main). All Ubuntu
changes have been incorporated in the Debian package.

Changelog since current karmic version 1.0.9-2ubuntu0.3:

mahara (1.1.3-1) unstable; urgency=high

  * New Upstream Version
    - fixes XSS issues in user profile field and text boxes in user views
      (CVE-2009-0664)
    - fixes remote code execution in the bundled copy of html2text
      (CVE-2008-5619, closes: #524778)
  * Bump Standards-Version to 3.8.1 (no changes)
  * Remove execute bit on a bunch of Javascript files (lintian warning)

 -- Francois Marier <francois at debian.org>  Wed, 22 Apr 2009 17:06:36
+1200

mahara (1.1.2-1) unstable; urgency=high

  * New Upstream Version
    - fixes multiple XSS vulnerabilities (CVE-2009-0660)

 -- Francois Marier <francois at debian.org>  Tue, 10 Mar 2009 19:44:14
+1300

mahara (1.1.1-1) unstable; urgency=medium

  * New Upstream Version
    - fixes broken upgrades on MySQL

 -- Francois Marier <francois at debian.org>  Mon, 02 Mar 2009 12:08:42
+1300

mahara (1.1.0-1) unstable; urgency=low

  * New Upstream Version
  * Add dependency on php5-curl (instead of being only recommended)
  * Mention the 3rd install step (logging in as admin) in README.Debian

 -- Francois Marier <francois at debian.org>  Thu, 26 Feb 2009 12:57:40 +1300
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAknyo3sACgkQHajaM93NaGriMwCffnZHH++OZafOJge4WeygMrod
210An2vvXbr3v3u4BaS1Wm6PSGHZ+SOT
=7GrT
-----END PGP SIGNATURE-----

** Affects: ubuntu
     Importance: Wishlist
         Status: Confirmed

-- 
Please sync mahara 1.1.3-1 (universe) from Debian unstable (main).
https://bugs.launchpad.net/bugs/366548
You received this bug notification because you are a member of Ubuntu Package Archive Administrators, which is a direct subscriber.

More information about the ubuntu-archive mailing list