Public bug reported:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
affects ubuntu
status confirmed
importance wishlist
subscribe ubuntu-archive
Please sync mahara 1.1.3-1 (universe) from Debian unstable (main). All Ubuntu
changes have been incorporated in the Debian package.
Changelog since current karmic version 1.0.9-2ubuntu0.3:
mahara (1.1.3-1) unstable; urgency=high
* New Upstream Version
- fixes XSS issues in user profile field and text boxes in user views
(CVE-2009-0664)
- fixes remote code execution in the bundled copy of html2text
(CVE-2008-5619, closes: #524778)
* Bump Standards-Version to 3.8.1 (no changes)
* Remove execute bit on a bunch of Javascript files (lintian warning)
-- Francois Marier <franc...@debian.org> Wed, 22 Apr 2009 17:06:36
+1200
mahara (1.1.2-1) unstable; urgency=high
* New Upstream Version
- fixes multiple XSS vulnerabilities (CVE-2009-0660)
-- Francois Marier <franc...@debian.org> Tue, 10 Mar 2009 19:44:14
+1300
mahara (1.1.1-1) unstable; urgency=medium
* New Upstream Version
- fixes broken upgrades on MySQL
-- Francois Marier <franc...@debian.org> Mon, 02 Mar 2009 12:08:42
+1300
mahara (1.1.0-1) unstable; urgency=low
* New Upstream Version
* Add dependency on php5-curl (instead of being only recommended)
* Mention the 3rd install step (logging in as admin) in README.Debian
-- Francois Marier <franc...@debian.org> Thu, 26 Feb 2009 12:57:40 +1300
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEARECAAYFAknyo3sACgkQHajaM93NaGriMwCffnZHH++OZafOJge4WeygMrod
210An2vvXbr3v3u4BaS1Wm6PSGHZ+SOT
=7GrT
-----END PGP SIGNATURE-----
** Affects: ubuntu
Importance: Wishlist
Status: Confirmed
--
Please sync mahara 1.1.3-1 (universe) from Debian unstable (main).
https://bugs.launchpad.net/bugs/366548
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
