I understand that there is a feature freeze, but is a freeze exception needed even if the new upstream version doesn't introduce new features?
Mahara 1.0.x is currently the old stable version and so it only gets bug fixes (see the release notes at http://mahara.org/interaction/forum/topic.php?id=351). Upgrading the Jaunty version now would fix a few bugs and would make it easier to apply future fixes if needed. Since Jaunty is not released yet, I assumed that we didn't have to follow the regular security procedure and that we could just update to the latest upstream point release. -- CVE-2009-0660 Multiple XSS vulnerabilities in Mahara 1.0.9 https://bugs.launchpad.net/bugs/340863 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
