Accepted mahara 1.0.4-4+lenny11 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 03 Nov 2011 16:04:03 +1300
Source: mahara
Binary: mahara mahara-apache2
Architecture: source all
Version: 1.0.4-4+lenny11
Distribution: oldstable-security
Urgency: high
Maintainer: Mahara Debian Packaging Team <pkg-debian@mahara.org>
Changed-By: Francois Marier <francois@debian.org>
Description:
mahara - Electronic portfolio, weblog, and resume builder
mahara-apache2 - Electronic portfolio, weblog, and resume builder - apache2 config
Changes:
mahara (1.0.4-4+lenny11) oldstable-security; urgency=high
.
* SECURITY UPDATE: fix unsanitised URIs in external feed block (XSS)
- debian/patches/CVE-2011-2771.dpatch: upstream patch
.
* SECURITY UPDATE: fix DoS when large or invalid images are uploaded
- debian/patches/CVE-2011-2772.dpatch: upstream patch
.
* SECURITY UPDATE: fix CSRF when adding a user to an institution
- debian/patches/CVE-2011-2773.dpatch: upstream patch
.
* SECURITY UPDATE: prevent masquerading as another user through MNet
- debian/patches/mnet_masquerading.dpatch: upstream patch
Checksums-Sha1:
214bd17bc556a2d84353c218273ee6cc9b7b7874 1947 mahara_1.0.4-4+lenny11.dsc
236e3e9af05d604ad3aa642526888b1fc7a1ef44 53045 mahara_1.0.4-4+lenny11.diff.gz
60c6c27ef323afcbb6106b8e0ac4f435d815f938 1697860 mahara_1.0.4-4+lenny11_all.deb
a23e2580749be652a45003cbd732564e88163a21 8632 mahara-apache2_1.0.4-4+lenny11_all.deb
Checksums-Sha256:
82e6c828f92b077e9c5999c687276b4e5334786f62c47e3bc554b346cc65f058 1947 mahara_1.0.4-4+lenny11.dsc
b76bfd74381a79773d5558fd8a0f8bb1630ba15330479eff7aade096f42668ef 53045 mahara_1.0.4-4+lenny11.diff.gz
2f8421ed96bae7f5f77ffed3112ec5ccfdd9ca3e9e928297e89b88b7913f59b3 1697860 mahara_1.0.4-4+lenny11_all.deb
970a092df53c1a06c4fb713b9493bd5f5ab891540eebfb0f86866ae5a4b69cc4 8632 mahara-apache2_1.0.4-4+lenny11_all.deb
Files:
6b5175042d2daf0d55b908c378eb9121 1947 web optional mahara_1.0.4-4+lenny11.dsc
02b27928b6d18e24489a5d1ee8db9d91 53045 web optional mahara_1.0.4-4+lenny11.diff.gz
8a2a1251c3f2fe83b78ddec1a306591f 1697860 web optional mahara_1.0.4-4+lenny11_all.deb
fe195768d15ba47bc63b8e34f23609d8 8632 web optional mahara-apache2_1.0.4-4+lenny11_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQIcBAEBCAAGBQJOsgduAAoJEBYoHy4AfJjRhV8P/j4pl6hSIDuBcxvN6fNtdLoe
oBGx0FtXf+QCtsC7n0K6Xva6a62l0HkHYvJWuuQmD70QfMVEBgHyz8Rhpo/eF4F6
glxD0IYFfrz2yUAOw2StoSIhiYuVlAAczPhDhXJ4EwfuCuk7+6VEFE3W2KmmOejk
K/1B/WBvY5N2BPGJPRFwko5Er2HNbQ0WoiKP0+Q9YOf2E9TZwFpqoyHQfC4d+Xfe
5GNMG9f5UHYDMDriYCyhFEv8epl6ndB8nW96blA4DLhVQDqD+GAPSefanUwwLTXA
95YdW0hANaiDlnNpVIQQrTMIwuQbX7DDRjTpc6MSApTl0Z3/cVsdrLMVqk9P7p66
is651lQ/rHPvhGpAguH4a58Lg/3Owt8xMHpTtjAB+gHSlYLp/RgbbkI2FXKUlOzD
ff8fV48Vg0J9xLOTDuUXP6RVqtCCw/2pbTMWT6RZZoS+zPb7yWFGKQrWwvVW+KNB
ECaVQPYs9n6Tr0aehKozwziE245dZEXctWxVmHHnnTbXUR8v9hGpAbXv1pCkIfyJ
MOdMqA+JciGR+d3CkakEfoS48QftKfY/w6rKQjFewExBEUyTDCPZv/EWy+QczRfJ
ZtUFyWMX1T5LxyEmmq1xSaNgpas5VZnyzGuJyxRG9XhoU0FjGCLjeRr3dN8/sQg6
oQoEKBJpd91u8/4NhJg3
=XDAY
-----END PGP SIGNATURE-----
Accepted:
mahara-apache2_1.0.4-4+lenny11_all.deb
to main/m/mahara/mahara-apache2_1.0.4-4+lenny11_all.deb
mahara_1.0.4-4+lenny11.diff.gz
to main/m/mahara/mahara_1.0.4-4+lenny11.diff.gz
mahara_1.0.4-4+lenny11.dsc
to main/m/mahara/mahara_1.0.4-4+lenny11.dsc
mahara_1.0.4-4+lenny11_all.deb
to main/m/mahara/mahara_1.0.4-4+lenny11_all.deb