mahara 1.5.1-3 source package in Ubuntu
Changelog
mahara (1.5.1-3) unstable; urgency=high * SECURITY UPDATE: Disable XML entity parsing to prevent XEE - debian/patches/CVE-2012-2239.patch: upstream patch * SECURITY UPDATE: Multiple cross-site scripting vulnerabilities - Content passed to the error message was not escaped - Escape pieform errors displayed to users - debian/patches/CVE-2012-2243-0001.patch: upstream patch - XHTML files prone to embedded javascript - Prevent uploaded xhtml files from displaying verbatim - debian/patches/CVE-2012-2243-0002.patch: upstream patch * SECURITY UPDATE: Arbitrary file execution via clam path - Remove executable bit from existing uploaded files - debian/patches/CVE-2012-2244-0001.patch: upstream patch - Ensure future files will not be executable - debian/patches/CVE-2012-2244-0002.patch: upstream patch - Remove direct path option from web configuration - debian/patches/CVE-2012-2244-0003.patch: upstream patch * SECURITY UPDATE: Prevent click-jacking attacks - Add a HTTP header of X-Frame-Options to every page - debian/patches/CVE-2012-2246.patch: upstream patch * SECURITY UPDATE: Prevent SVG images being displayed - SVG images displayed inline - Adds SVG files to the list of files to not display by default - debian/patches/CVE-2012-2247.patch: upstream patch -- Melissa Draper <email address hidden> Tue, 12 Nov 2012 04:08:09 +0000
Upload details
- Uploaded by:
- Mahara Packaging
- Uploaded to:
- Sid
- Original maintainer:
- Mahara Packaging
- Architectures:
- all
- Section:
- web
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
mahara_1.5.1-3.dsc | 2.0 KiB | 0f8b597f517d29e1a18d21379c5570b1d4a789138e73c66c08ab2cce8ff9a14a |
mahara_1.5.1.orig.tar.gz | 5.5 MiB | 6ff9919185b67352fbde8cecbb46b37c4295f712b7e853f3220751d7d130348f |
mahara_1.5.1-3.debian.tar.gz | 33.0 KiB | 754bb8467589c810f8656cb5a565c5173dcf35da4db8ef8a529bbd9d2f9b6864 |
Available diffs
- diff from 1.5.1-2.1 to 1.5.1-3 (5.8 KiB)
No changes file available.
Binary packages built by this source
- mahara: No summary available for mahara in ubuntu raring.
No description available for mahara in ubuntu raring.
- mahara-apache2: No summary available for mahara-apache2 in ubuntu raring.
No description available for mahara-apache2 in ubuntu raring.
- mahara-mediaplayer: No summary available for mahara-mediaplayer in ubuntu raring.
No description available for mahara-mediaplayer in ubuntu raring.