Accepted mahara 1.2.6-2+squeeze2 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 09 May 2011 13:30:06 +1200
Source: mahara
Binary: mahara mahara-apache2 mahara-mediaplayer
Architecture: source all
Version: 1.2.6-2+squeeze2
Distribution: stable-security
Urgency: high
Maintainer: Mahara Packaging Team <mahara-packaging@lists.launchpad.net>
Changed-By: Francois Marier <francois@debian.org>
Description:
mahara - Electronic portfolio, weblog, and resume builder
mahara-apache2 - Electronic portfolio, weblog, and resume builder - apache2 config
mahara-mediaplayer - Electronic portfolio, weblog, and resume builder - internal media
Changes:
mahara (1.2.6-2+squeeze2) stable-security; urgency=high
.
* SECURITY UPDATE: fixes to session key validation (CSRF)
- debian/patches/CVE-2011-1403.patch: upstream patch
.
* SECURITY UPDATE: privilege escalations
- debian/patches/CVE-2011-1402.patch: upstream patch
.
* SECURITY UPDATE: information disclosure in AJAX calls
- debian/patches/CVE-2011-1404.patch: upstream patch
.
* SECURITY UPDATE: https to http downgrade
- debian/patches/CVE-2011-1406.patch: upstream patch
.
* SECURITY UPDATE: sanitisation of HTML emails
- debian/patches/CVE-2011-1405.patch: upstream patch
Checksums-Sha1:
dd44eb1a184930ad5984ece479174d88b5cef11f 1962 mahara_1.2.6-2+squeeze2.dsc
2809ff23b19a15a34a9a81e5e5006b07ff363c01 25869 mahara_1.2.6-2+squeeze2.debian.tar.gz
e5ee4cffeb32b7c707804cfe43b62461d7512637 1629640 mahara_1.2.6-2+squeeze2_all.deb
a8b971530040e6239ef915a3ce1f692568f41346 12496 mahara-apache2_1.2.6-2+squeeze2_all.deb
85b9fc938b4e23f445da2b86ab7020ab976450fb 451768 mahara-mediaplayer_1.2.6-2+squeeze2_all.deb
Checksums-Sha256:
f945a2e1458bc0799ff17e1599d4f75724f27386c95edf77971545cb63945b3a 1962 mahara_1.2.6-2+squeeze2.dsc
c047252d2b8c73635962ee73935e6a83659bff98bb311e5480e4aecbf8bade02 25869 mahara_1.2.6-2+squeeze2.debian.tar.gz
c0824079e44b14cd89c1e45e9a8bf4bf2801fa26495f1f793eaafd880b69619e 1629640 mahara_1.2.6-2+squeeze2_all.deb
e9d861f90d87a45e853a3223dc616a9ee829d498de84abf389ee6705d8609816 12496 mahara-apache2_1.2.6-2+squeeze2_all.deb
cafc85e13abd028ffc92313308b753aff26e49c5dbf52942ee0d8a950af2b8c1 451768 mahara-mediaplayer_1.2.6-2+squeeze2_all.deb
Files:
b665e0036eba5d600d47308573db3528 1962 web optional mahara_1.2.6-2+squeeze2.dsc
538a0ec83007004fb9bbe2098eb465e1 25869 web optional mahara_1.2.6-2+squeeze2.debian.tar.gz
da28949614a5f89c6c5c610c8f613c69 1629640 web optional mahara_1.2.6-2+squeeze2_all.deb
af23f0dc7e5ccbfe54defb47c5a3e8a6 12496 web optional mahara-apache2_1.2.6-2+squeeze2_all.deb
a8994f1940cc72d0018f0e4cfec9ec92 451768 contrib/web optional mahara-mediaplayer_1.2.6-2+squeeze2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAEBCAAGBQJNx0WhAAoJEBYoHy4AfJjR944P/Ah60Lhu+PkahTt6Xbi7LjmS
vqhwaaVRtJoSeln6caCq4mmDGMC/k9bf5lMSOzReglFJmHaWW4p3WoPCtc7Evw9t
eBOPqHAi9Uimp1bqkDxpZDKtrcYO+0mMHUXUqsL27MjD0hjC38a07UoYeNrFEpv5
+dRWgW6EBTuQni2p4UjoBqnQfVc2USUOEtavHzabh4zi2lyPJdm00MU2mjPznjmG
1hiJeodVWPnNoR86kamGmciQKFU8esn6XC43qZ860a2Ca9VdexAsXJilgCPMzmoA
9OpgdTO4g97+//riR6aUX9A5j2l7ytuBmVxgLrdEunUJBA4DYSO10MjYMIaPrYTD
c+jKUQJrp9Mq9L0SO3t5zfNwCSU2lGoAPSraoghpFVpq1EMW6eKLW7USo1XRhzjv
86EYPTNH2KISUqXKQrmPADqpuaSGSRdV70cHgzy61zb+xye/mDZWxkkcnSwB+/7T
a4lORjJLF0vs+FnZU3/Ub4ymlIJB543rYS2SlcEt1ErCPyO2GJlDkr1bP22MyfpO
/v0CfSL1V3HZdTZCho+tmgLeXwChUwFYF+QAevbG9RNngIvlrUh4+yOW61edE9ZJ
9aRTqc1Op6YCsxI0YRpEo67/5zOmVvpxSEHIxDZ6Xz93+No/h7pW5WpsxgDvCQpd
y0Jsl0kKRdmVveiyiiiU
=sw2D
-----END PGP SIGNATURE-----
Accepted:
mahara-apache2_1.2.6-2+squeeze2_all.deb
to main/m/mahara/mahara-apache2_1.2.6-2+squeeze2_all.deb
mahara-mediaplayer_1.2.6-2+squeeze2_all.deb
to contrib/m/mahara/mahara-mediaplayer_1.2.6-2+squeeze2_all.deb
mahara_1.2.6-2+squeeze2.debian.tar.gz
to main/m/mahara/mahara_1.2.6-2+squeeze2.debian.tar.gz
mahara_1.2.6-2+squeeze2.dsc
to main/m/mahara/mahara_1.2.6-2+squeeze2.dsc
mahara_1.2.6-2+squeeze2_all.deb
to main/m/mahara/mahara_1.2.6-2+squeeze2_all.deb