← Back to team overview

mahara-packaging team mailing list archive

[Bug 556407] [NEW] Sync mahara 1.2.4-1 (universe) from Debian sid (main)

 

*** This bug is a security vulnerability ***

Public security bug reported:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

 affects ubuntu/mahara
 status new
 importance wishlist
 subscribe ubuntu-sponsors
 done

Please sync mahara 1.2.4-1 (universe) from Debian sid (main)

Changelog entries since current lucid version 1.2.0-2:

mahara (1.2.4-1) unstable; urgency=high

  * New upstream release
    - fix for SQL injection (CVE-2010-0400)

 -- Francois Marier <francois@xxxxxxxxxx>  Tue, 06 Apr 2010 21:07:03
+1200

mahara (1.2.3-1) unstable; urgency=low

  * New upstream release
  * Fix error in postrm script for when /usr/share/mahara/theme/ doesn't exist

  * Bump Standards-Version to 3.8.4
  * Switch team maintenance email address to a Launchpad mailing list

 -- Francois Marier <francois@xxxxxxxxxx>  Mon, 08 Feb 2010 11:58:22 +1300
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iQIcBAEBCAAGBQJLuxhWAAoJEBYoHy4AfJjRXlMP/RGxzGdCLkQibvlIslRxvDKU
USt7A5Wz8r8gkwYlylqPgNjJMtYYyCkSq1CMcXcnBNQJnegqhJWeyHE3Tsk7rwLu
C/zf66ak9L55AY5qGhqN4NG2Zzk1hjkHGauVkNJCYH/uI2MroBCt/AjAw4i4GeCU
6ipQzv6tvpaCFlgsTM0/1B+eb01wYHMfOmrFH66D1gBiDdWsI/fmx37im0xpjOYT
GynzZr1JsxM7MIVlL3pF1JEnap0u9hmfcvJZq3vifZURauMwKrpAP6mGECDXPS6o
5wP1Ymt3HqP1KaKq/HJ+dVZKRstdZBdqZJp9hKUZ3r7TWKdODyVcMKFhjQ/n3ZSI
hCXONgB2Ggm0mmQFuJXJq82+D5riR1YqNxDsLDwkenY2ZsaClg9XHpoIEtzLr8tu
DQElaAb2RrddFzzke9VJu7vWQ8pTQkHPdrTB0MSVyjxXCKnlGlEOqpfZ2nzcUAgP
HG6L/xoqWEOdvX9/ig5FrIHqRCEWUWW4tLAZ/A+6LzLkfvxbGSveEuayrbOTMkP5
sryTbmWDRVOcmm+sH9plsRCIhIvR6tQncKJf0Q9JVyX1esUCD+w+LT0j7OljBtRC
vbjTf3+awGUWiPopbsGj6gRsp6ih3h60k/HAVButjW15rlYpDxQBsI1DU1YrHoCB
HEOdJV3bZTkFl6BXV/Kv
=oga0
-----END PGP SIGNATURE-----

** Affects: mahara (Ubuntu)
     Importance: Wishlist
         Status: New

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-0400

** This bug has been flagged as a security vulnerability

-- 
Sync mahara 1.2.4-1 (universe) from Debian sid (main)
https://bugs.launchpad.net/bugs/556407
You received this bug notification because you are a member of Mahara
Packaging, which is subscribed to mahara in ubuntu.

Status in “mahara” package in Ubuntu: New

Bug description:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

 affects ubuntu/mahara
 status new
 importance wishlist
 subscribe ubuntu-sponsors
 done

Please sync mahara 1.2.4-1 (universe) from Debian sid (main)

Changelog entries since current lucid version 1.2.0-2:

mahara (1.2.4-1) unstable; urgency=high

  * New upstream release
    - fix for SQL injection (CVE-2010-0400)

 -- Francois Marier <francois@xxxxxxxxxx>  Tue, 06 Apr 2010 21:07:03 +1200

mahara (1.2.3-1) unstable; urgency=low

  * New upstream release
  * Fix error in postrm script for when /usr/share/mahara/theme/ doesn't exist

  * Bump Standards-Version to 3.8.4
  * Switch team maintenance email address to a Launchpad mailing list

 -- Francois Marier <francois@xxxxxxxxxx>  Mon, 08 Feb 2010 11:58:22 +1300
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iQIcBAEBCAAGBQJLuxhWAAoJEBYoHy4AfJjRXlMP/RGxzGdCLkQibvlIslRxvDKU
USt7A5Wz8r8gkwYlylqPgNjJMtYYyCkSq1CMcXcnBNQJnegqhJWeyHE3Tsk7rwLu
C/zf66ak9L55AY5qGhqN4NG2Zzk1hjkHGauVkNJCYH/uI2MroBCt/AjAw4i4GeCU
6ipQzv6tvpaCFlgsTM0/1B+eb01wYHMfOmrFH66D1gBiDdWsI/fmx37im0xpjOYT
GynzZr1JsxM7MIVlL3pF1JEnap0u9hmfcvJZq3vifZURauMwKrpAP6mGECDXPS6o
5wP1Ymt3HqP1KaKq/HJ+dVZKRstdZBdqZJp9hKUZ3r7TWKdODyVcMKFhjQ/n3ZSI
hCXONgB2Ggm0mmQFuJXJq82+D5riR1YqNxDsLDwkenY2ZsaClg9XHpoIEtzLr8tu
DQElaAb2RrddFzzke9VJu7vWQ8pTQkHPdrTB0MSVyjxXCKnlGlEOqpfZ2nzcUAgP
HG6L/xoqWEOdvX9/ig5FrIHqRCEWUWW4tLAZ/A+6LzLkfvxbGSveEuayrbOTMkP5
sryTbmWDRVOcmm+sH9plsRCIhIvR6tQncKJf0Q9JVyX1esUCD+w+LT0j7OljBtRC
vbjTf3+awGUWiPopbsGj6gRsp6ih3h60k/HAVButjW15rlYpDxQBsI1DU1YrHoCB
HEOdJV3bZTkFl6BXV/Kv
=oga0
-----END PGP SIGNATURE-----





Follow ups

References