moodle (2.7.12+dfsg-1) unstable; urgency=high
* New upstream security release, released Jan 11, 2016. Note that the
upstream 2.7 branch is supported for security fixes only until May 2017
(LTS). Security issue fixed:
- (MSA-16-0001) CVE-2016-0724 Two enrolment-related web services don't check
course visibility. Thanks Salvatore Bonaccorso. Closes: #811344
Other fixes and improvements:
- MDL-49473 - Logs export contains year
- MDL-52194 - Fixed Flowplayer not working with insecure configuration of
request_order
See https://docs.moodle.org/dev/Moodle_2.7.12_release_notes for more
details.
* debian/links, debian/rules: delegate creating symlinks to dh_link, via
debian/links. This should fix a bug in upgrading: old obsolete symlinks are
kept.
* debian/rules: no longer install bennu/COPYRIGHT.txt, dragmath/COPYRIGHT.html
in usr/share/moodle/lib .
* debian/control: get rid of Breaks/Replaces moodle-book: moodle-book was only
shipped with squeeze (current oldoldstable).
* debian/control: remove Penny Leach <penny /a/ mjollnir 0 org>, Xavier Oswald
<xoswald@d.o> from Uploaders: I haven't seen any activity from them since
more than one year. Penny, Xavier: you're very much invited to add yourself
again.
* debian/rules: no longer run debhelper in verbose mode.
-- Joost van Baal-Ilić <email address hidden> Mon, 18 Jan 2016 08:38:29 +0100