François, if you could in the future include URLs to the patches, it would be much easier to reconcile them:
+Origin: upstream, commit:3b1dc78070988b68fa7a8495c19957d83c204d95 maps to: http://gitorious.org/mahara/mahara/commit/3b1dc78070988b68fa7a8495c19957d83c204d95 +Origin: upstream, commit:fcee1996e56588f2f0f54f627d3b75e695b03e1b maps to: http://gitorious.org/mahara/mahara/commit/fcee1996e56588f2f0f54f627d3b75e695b03e1b Which took a fair bit of investigation to figure out. However, these look exactly clean, and the patches fix a security vulnerability, so I see no reason to delay uploading them. As Artur said, the url would be much more useful than just the commit ID. I've built with the debdiffs for lucid and maverick, and installed them. I was able to perform the mahara install and browse the site. I didn't try to reproduce the security vulnerabilities, as creating users and sending emails from inside a chroot can be difficult, but the code fixes are extremely straightforward and identical to the patches applied upstream, so I'm confident the issue is resolved. As such I've marked the Lucid and Maverick tasks as confirmed. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/676336 Title: Blogs get deleted without sesskey check -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
