mahara-contributors team mailing list archive
-
mahara-contributors team
-
Mailing list archive
-
Message #16203
[Bug 1266976] [NEW] Update to HTMLPurifier 4.6.0
*** This bug is a security vulnerability ***
Public security bug reported:
HTMLPurifier 4.6.0 came out in November 30, and it's a security release.
So, we should update our version to that, and since it's a security
release we should also backport it to 1.6, 1.7, and 1.8.
http://htmlpurifier.org/news/
** Affects: mahara
Importance: High
Status: Confirmed
** Affects: mahara/1.6
Importance: High
Status: Confirmed
** Affects: mahara/1.7
Importance: High
Status: Confirmed
** Affects: mahara/1.8
Importance: High
Status: Confirmed
** Affects: mahara/1.9
Importance: High
Status: Confirmed
** Tags: htmlpurifier
** Also affects: mahara/1.6
Importance: Undecided
Status: New
** Also affects: mahara/1.7
Importance: Undecided
Status: New
** Also affects: mahara/1.8
Importance: Undecided
Status: New
** Also affects: mahara/1.9
Importance: High
Status: Confirmed
** Changed in: mahara/1.6
Milestone: None => 1.6.9
** Changed in: mahara/1.7
Milestone: None => 1.7.5
** Changed in: mahara/1.8
Milestone: None => 1.8.2
** Changed in: mahara/1.8
Status: New => Confirmed
** Changed in: mahara/1.7
Status: New => Confirmed
** Changed in: mahara/1.6
Status: New => Confirmed
** Changed in: mahara/1.8
Importance: Undecided => High
** Changed in: mahara/1.7
Importance: Undecided => High
** Changed in: mahara/1.6
Importance: Undecided => High
--
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1266976
Title:
Update to HTMLPurifier 4.6.0
Status in Mahara ePortfolio:
Confirmed
Status in Mahara 1.6 series:
Confirmed
Status in Mahara 1.7 series:
Confirmed
Status in Mahara 1.8 series:
Confirmed
Status in Mahara 1.9 series:
Confirmed
Bug description:
HTMLPurifier 4.6.0 came out in November 30, and it's a security
release. So, we should update our version to that, and since it's a
security release we should also backport it to 1.6, 1.7, and 1.8.
http://htmlpurifier.org/news/
To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1266976/+subscriptions
Follow ups
-
[Bug 1266976] Re: Update to HTMLPurifier 4.6.0
From: Kristina Hoeppner, 2014-11-24
-
[Bug 1266976] Re: Update to HTMLPurifier 4.6.0
From: Robert Lyon, 2014-04-22
-
[Bug 1266976] Re: Update to HTMLPurifier 4.6.0
From: Aaron Wells, 2014-04-03
-
[Bug 1266976] Re: Update to HTMLPurifier 4.6.0
From: Robert Lyon, 2014-04-03
-
[Bug 1266976] A change has been merged
From: Mahara Bot, 2014-01-14
-
[Bug 1266976] Re: Update to HTMLPurifier 4.6.0
From: Aaron Wells, 2014-01-14
-
[Bug 1266976] A change has been merged
From: Mahara Bot, 2014-01-14
-
[Bug 1266976] A change has been merged
From: Mahara Bot, 2014-01-14
-
[Bug 1266976] Re: Update to HTMLPurifier 4.6.0
From: Aaron Wells, 2014-01-14
-
[Bug 1266976] A patch has been submitted for review
From: Mahara Bot, 2014-01-14
-
[Bug 1266976] A patch has been submitted for review
From: Mahara Bot, 2014-01-14
-
[Bug 1266976] A patch has been submitted for review
From: Mahara Bot, 2014-01-14
-
[Bug 1266976] A change has been merged
From: Mahara Bot, 2014-01-14
-
[Bug 1266976] A patch has been submitted for review
From: Mahara Bot, 2014-01-14
-
[Bug 1266976] Re: Update to HTMLPurifier 4.6.0
From: Robert Lyon, 2014-01-14
-
[Bug 1266976] [NEW] Update to HTMLPurifier 4.6.0
From: Aaron Wells, 2014-01-08
References
