-
mahara (1.0.9-2ubuntu0.7) jaunty-security; urgency=low
* SECURITY UPDATE: multiple cross-site scripting vulnerabilities
- debian/patches/CVE-2010-1667.dpatch: upstream patch
- CVE-2010-1667
* SECURITY UPDATE: multiple cross-site request forgery vulnerabilities
- debian/patches/CVE-2010-1668.dpatch: upstream patch
- CVE-2010-1668
* SECURITY UPDATE: unsafe auth plugins configuration options
- debian/patches/CVE-2010-1670.dpatch: upstream patch
- CVE-2010-1670
* SECURITY UPDATE: IE-only cross-site scripting bug in HTML Purifier
- debian/patches/CVE-2010-2479.dpatch: upstream patch
- CVE-2010-2479
-- Francois Marier <email address hidden> Thu, 08 Jul 2010 14:55:29 +1200
-
mahara (1.0.9-2ubuntu0.6) jaunty-security; urgency=low
* SECURITY UPDATE: SQL injection (LP: #556369)
- debian/patches/CVE-2010-0400.dpatch: fix from upstream
- CVE-2010-0400
-- Francois Marier <email address hidden> Tue, 06 Apr 2010 22:58:53 +1200
-
mahara (1.0.9-2ubuntu0.5) jaunty-security; urgency=low
* SECURITY UPDATE: privilege escalation (LP: #463082)
- debian/patches/CVE-2009-3298.dpatch: fix from upstream
- CVE-2009-3298
* SECURITY UPDATE: cross-site scripting vulnerability (LP: #463083)
- debian/patches/CVE-2009-3299.dpatch: fix from upstream
- CVE-2009-3299
-- Francois Marier <email address hidden> Thu, 29 Oct 2009 16:47:11 +1300
-
mahara (1.0.9-2ubuntu0.4) jaunty-security; urgency=low
* SECURITY UPDATE: cross-site scripting vulnerabilities (LP: #390471)
- debian/patches/XSS_escaping.dpatch: fix from upstream
- CVE-2009-2170
-- Francois Marier <email address hidden> Mon, 22 Jun 2009 15:04:27 +1200
-
mahara (1.0.9-2ubuntu0.3) jaunty; urgency=low
* SECURITY UPDATE: cross-site scripting vulnerabilities in user profile
field and text blocks in all views (LP: #364949)
- debian/patches/CVE-2009-0664.dpatch: fix from upstream
- CVE-2009-0664
-- Francois Marier <email address hidden> Wed, 22 Apr 2009 17:13:39 +1200
-
mahara (1.0.9-2ubuntu0.2) jaunty; urgency=low
* Upload to correct pocket
mahara (1.0.9-2ubuntu0.1) jaunty-security; urgency=low
* SECURITY UPDATE: multiple cross-site scripting vulnerabilities in user
profile data and blogs (LP: #340863)
- debian/patches/CVE-2009-0660.dpatch: fixes from upstream advisory
- http://mahara.org/interaction/forum/topic.php?id=350
- CVE-2009-0660
* Add dpatch support
-- Jamie Strandboge <email address hidden> Thu, 19 Mar 2009 10:04:50 -0500
-
mahara (1.0.9-2) unstable; urgency=low
* debian/mahara.postrm: delete the snoopy symlink
* debian/mahara.postinst: create a lib/smarty/libs symlink when necessary
(for example on Ubuntu)
mahara (1.0.9-1) unstable; urgency=high
* New Upstream Version
- fixes XSS vulnerability in forum posts
* debian/copyright: add the word "copyright" to fix a lintian notice
-- Fran?ois Marier <email address hidden> Tue, 17 Feb 2009 15:08:54 +0000
-
mahara (1.0.6-1) unstable; urgency=low
* New upstream version
-- Ubuntu Archive Auto-Sync <email address hidden> Mon, 10 Nov 2008 11:57:53 +0000
-
mahara (1.0.5-2) unstable; urgency=high
* Depend on libphp-snoopy instead of using the embedded copy shipped
with Mahara (CVE-2008-4796, closes: #504170)
* Backport upstream's patch (41189c30d198153dc66dc867e160dab948929458)
to phpmailer (CVE-2007-3125, closes: #504253)
* Add lintian overrides for the customised embedded libraries
mahara (1.0.5-1) unstable; urgency=low
* New Upstream Version
* Fix comments in maintainer scripts (closes: #491924)
* Add lintian override for embedded copies of mochikit
* Bump debhelper compatibility to 7 to use dh_lintian
mahara (1.0.4-2) unstable; urgency=low
* Compress the package using bzip2
* Remove non-userdata directories in /var/lib/mahara when purging
* Clarify the MySQL instructions in README.Debian
* Add Galician debconf translation (closes: #488185). Thanks Jacobo!
* Add Japanese debconf translation (closes: #488338). Thanks Tsunoda!
* Add Czech debconf translation (closes: #488368). Thanks Miroslav!
* Add Turkish debconf translation (closes: #488507). Thanks Mert!
* Add Russian debconf translation (closes: #489168). Thanks Yuri!
* Add Finnish debconf translation (closes: #489121). Thanks Esko!
* Add Vietnamese debconf translation (closes: #489402). Thanks Clytie!
-- Ubuntu Archive Auto-Sync <email address hidden> Wed, 05 Nov 2008 10:40:03 +0000
-
mahara (1.0.4-1) unstable; urgency=low
[ Francois Marier ]
* Add Swedish debconf translation (closes: #487724). Thanks Martin!
* Remove outdated NEWS file
[ Nigel McNie ]
* New Upstream Version
-- Ubuntu Archive Auto-Sync <email address hidden> Wed, 25 Jun 2008 17:21:33 +0100
