mahara-packaging team mailing list archive
-
mahara-packaging team
-
Mailing list archive
-
Message #00003
[Bug 556407] [NEW] Sync mahara 1.2.4-1 (universe) from Debian sid (main)
*** This bug is a security vulnerability ***
Public security bug reported:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
affects ubuntu/mahara
status new
importance wishlist
subscribe ubuntu-sponsors
done
Please sync mahara 1.2.4-1 (universe) from Debian sid (main)
Changelog entries since current lucid version 1.2.0-2:
mahara (1.2.4-1) unstable; urgency=high
* New upstream release
- fix for SQL injection (CVE-2010-0400)
-- Francois Marier <francois@xxxxxxxxxx> Tue, 06 Apr 2010 21:07:03
+1200
mahara (1.2.3-1) unstable; urgency=low
* New upstream release
* Fix error in postrm script for when /usr/share/mahara/theme/ doesn't exist
* Bump Standards-Version to 3.8.4
* Switch team maintenance email address to a Launchpad mailing list
-- Francois Marier <francois@xxxxxxxxxx> Mon, 08 Feb 2010 11:58:22 +1300
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
iQIcBAEBCAAGBQJLuxhWAAoJEBYoHy4AfJjRXlMP/RGxzGdCLkQibvlIslRxvDKU
USt7A5Wz8r8gkwYlylqPgNjJMtYYyCkSq1CMcXcnBNQJnegqhJWeyHE3Tsk7rwLu
C/zf66ak9L55AY5qGhqN4NG2Zzk1hjkHGauVkNJCYH/uI2MroBCt/AjAw4i4GeCU
6ipQzv6tvpaCFlgsTM0/1B+eb01wYHMfOmrFH66D1gBiDdWsI/fmx37im0xpjOYT
GynzZr1JsxM7MIVlL3pF1JEnap0u9hmfcvJZq3vifZURauMwKrpAP6mGECDXPS6o
5wP1Ymt3HqP1KaKq/HJ+dVZKRstdZBdqZJp9hKUZ3r7TWKdODyVcMKFhjQ/n3ZSI
hCXONgB2Ggm0mmQFuJXJq82+D5riR1YqNxDsLDwkenY2ZsaClg9XHpoIEtzLr8tu
DQElaAb2RrddFzzke9VJu7vWQ8pTQkHPdrTB0MSVyjxXCKnlGlEOqpfZ2nzcUAgP
HG6L/xoqWEOdvX9/ig5FrIHqRCEWUWW4tLAZ/A+6LzLkfvxbGSveEuayrbOTMkP5
sryTbmWDRVOcmm+sH9plsRCIhIvR6tQncKJf0Q9JVyX1esUCD+w+LT0j7OljBtRC
vbjTf3+awGUWiPopbsGj6gRsp6ih3h60k/HAVButjW15rlYpDxQBsI1DU1YrHoCB
HEOdJV3bZTkFl6BXV/Kv
=oga0
-----END PGP SIGNATURE-----
** Affects: mahara (Ubuntu)
Importance: Wishlist
Status: New
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-0400
** This bug has been flagged as a security vulnerability
--
Sync mahara 1.2.4-1 (universe) from Debian sid (main)
https://bugs.launchpad.net/bugs/556407
You received this bug notification because you are a member of Mahara
Packaging, which is subscribed to mahara in ubuntu.
Status in “mahara” package in Ubuntu: New
Bug description:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
affects ubuntu/mahara
status new
importance wishlist
subscribe ubuntu-sponsors
done
Please sync mahara 1.2.4-1 (universe) from Debian sid (main)
Changelog entries since current lucid version 1.2.0-2:
mahara (1.2.4-1) unstable; urgency=high
* New upstream release
- fix for SQL injection (CVE-2010-0400)
-- Francois Marier <francois@xxxxxxxxxx> Tue, 06 Apr 2010 21:07:03 +1200
mahara (1.2.3-1) unstable; urgency=low
* New upstream release
* Fix error in postrm script for when /usr/share/mahara/theme/ doesn't exist
* Bump Standards-Version to 3.8.4
* Switch team maintenance email address to a Launchpad mailing list
-- Francois Marier <francois@xxxxxxxxxx> Mon, 08 Feb 2010 11:58:22 +1300
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
iQIcBAEBCAAGBQJLuxhWAAoJEBYoHy4AfJjRXlMP/RGxzGdCLkQibvlIslRxvDKU
USt7A5Wz8r8gkwYlylqPgNjJMtYYyCkSq1CMcXcnBNQJnegqhJWeyHE3Tsk7rwLu
C/zf66ak9L55AY5qGhqN4NG2Zzk1hjkHGauVkNJCYH/uI2MroBCt/AjAw4i4GeCU
6ipQzv6tvpaCFlgsTM0/1B+eb01wYHMfOmrFH66D1gBiDdWsI/fmx37im0xpjOYT
GynzZr1JsxM7MIVlL3pF1JEnap0u9hmfcvJZq3vifZURauMwKrpAP6mGECDXPS6o
5wP1Ymt3HqP1KaKq/HJ+dVZKRstdZBdqZJp9hKUZ3r7TWKdODyVcMKFhjQ/n3ZSI
hCXONgB2Ggm0mmQFuJXJq82+D5riR1YqNxDsLDwkenY2ZsaClg9XHpoIEtzLr8tu
DQElaAb2RrddFzzke9VJu7vWQ8pTQkHPdrTB0MSVyjxXCKnlGlEOqpfZ2nzcUAgP
HG6L/xoqWEOdvX9/ig5FrIHqRCEWUWW4tLAZ/A+6LzLkfvxbGSveEuayrbOTMkP5
sryTbmWDRVOcmm+sH9plsRCIhIvR6tQncKJf0Q9JVyX1esUCD+w+LT0j7OljBtRC
vbjTf3+awGUWiPopbsGj6gRsp6ih3h60k/HAVButjW15rlYpDxQBsI1DU1YrHoCB
HEOdJV3bZTkFl6BXV/Kv
=oga0
-----END PGP SIGNATURE-----
Follow ups
References