mahara 1.2.5-2ubuntu0.3 source package in Ubuntu
Changelog
mahara (1.2.5-2ubuntu0.3) maverick-security; urgency=low
* SECURITY UPDATE: XSS in unvalidated URI attributes
- Added a filter to sanitise user input urls (LP: #888358)
- debian/patches/CVE-2011-2771.patch: upstream patch
- CVE-2011-2771
* SECURITY UPDATE: DoS attack via invalid or excessively large images
- Added a check to evaluate available memory before processing
(LP: #888358)
- debian/patches/CVE-2011-2772.patch: upstream patch
- CVE-2011-2772
* SECURITY UPDATE: XSRF allowing attackers to trick an admin into adding
them to an institution
- Session check added (LP: #888358)
- debian/patches/CVE-2011-2773.patch: upstream patch
- CVE-2011-2773
* SECURITY UPDATE: Prevent masquerading users from jumping as others
- Added a check to prevent jumping as other users. (LP: #888358)
- debian/patches/mnet_masquerading.patch: upstream patch
-- Melissa Draper <email address hidden> Tue, 08 Nov 2011 18:59:14 +1300
Upload details
- Uploaded by:
- Melissa Draper
- Sponsored by:
- Steve Beattie
- Uploaded to:
- Maverick
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- web
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| mahara_1.2.5.orig.tar.gz | 3.9 MiB | 8d1f1d5c490c57efabf8f7962bf8c5953f2dbaa2f881db5a898beee44263e95f |
| mahara_1.2.5-2ubuntu0.3.debian.tar.gz | 27.9 KiB | a3df6822600621aa6acd31b4be75e165edf2fefddd2b5c56ed2ed8ff015cbc2d |
| mahara_1.2.5-2ubuntu0.3.dsc | 2.0 KiB | 67b419154b2e1772f96f5ee39ff3a2d3649ec11941c99a7aacc122dd84a8fa83 |
Available diffs
Binary packages built by this source
- mahara: No summary available for mahara in ubuntu maverick.
No description available for mahara in ubuntu maverick.
- mahara-apache2: No summary available for mahara-apache2 in ubuntu maverick.
No description available for mahara-apache2 in ubuntu maverick.
