Accepted moodle 2.7.2+dfsg-3 (source all) into experimental
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 30 Jan 2015 12:48:55 +0000
Source: moodle
Binary: moodle
Architecture: source all
Version: 2.7.2+dfsg-3
Distribution: experimental
Urgency: medium
Maintainer: Moodle Packaging Team <pkg-moodle-maintainers@lists.alioth.debian.org>
Changed-By: Joost van Baal-Ilić <joostvb@debian.org>
Description:
moodle - course management system for online learning
Changes:
moodle (2.7.2+dfsg-3) experimental; urgency=medium
.
* Remove lib/tcpdf/include/sRGB.icc from upstream source since it does
not allow modification (usually known as
sRGB_IEC61966-2-1_black_scaled.icc). FWIW: this file was not installed
by the Moodle 2.6.3 Debian package.
* Remove lib/flowplayer/flowplayer.audio-3.2.11.swf since sources missing.
* debian/rules: add preliminary target dfsg, with some comments.
.
moodle (2.7.2-2) experimental; urgency=medium
.
* debian/control: remove Thijs Kinkhorst from Uploaders, on his request.
Thanks Thijs!
* debian/source/include-binaries, debian/missing-sources: Added missing
sources for
- the Flowplayer video player from Flowplayer Ltd
(http://flash.flowplayer.org/): flash-release_3_2_18.tar.gz for
flowplayer-3.2.18.swf, flash-release_3_2_16.tar.gz for
lib/flowplayer/flowplayer.controls-3.2.16.swf.
Downloaded from https://github.com/flowplayer/flash/releases.
- filter/tex/mimetex.linux and mimetex.freebsd
NB: flowplayer-3.2.18.swf, flowplayer.controls-3.2.16.swf, mimetex.linux
and mimetex.freebsd are not shipped with the binary Debian package.
.
moodle (2.7.2-1) unstable; urgency=medium
.
* This is a semi-public release.
* New upstream release, fixing security issues:
- MSA-14-0014 Cross-site request forgery possible in Assignment
[CVE-2014-0213]
- MSA-14-0015 Web service token expiry issue for MoodleMobile
[CVE-2014-0214]
- MSA-14-0016 Anonymous student identity revealed in Assignment
[CVE-2014-0215]
- MSA-14-0017 File access issue in HTML block [CVE-2014-0216]
- MSA-14-0018 Information leak in courses [CVE-2014-0217]
- MSA-14-0019 Reflected XSS in URL downloader repository [CVE-2014-0218]
(See https://docs.moodle.org/dev/Moodle_2.7_release_notes#Security_issues)
* debian/rules: remove extra license file
lib/editor/atto/yui/src/rangy/js/license.txt.
* debian/copyright: add MIT license, for Rangy library for the Atto editor.
* debian/moodle.lintian-overrides: add embedded-php-library
lib/markdown/Markdown.php: we can't use Debian's libmarkdown-php due to
incompatibilities.
* debian/moodle.lintian-overrides: add embedded-php-library
lib/simplepie/library/SimplePie.php: we can't use Debian's libphp-simplepie
due to incompatibilities.
* debian/moodle.lintian-overrides: add embedded-php-library
lib/yuilib/3.15.0/yui/yui-min.js: we can't use Debian's libjs-yui
due to incompatibilities.
* debian/moodle.lintian-overrides, debian/source/lintian-overrides: change
lines like "moodle: embedded-javascript-library
lib/editor/tinymce/tiny_mce/3.5.8/tiny_mce.js" in "moodle source:
source-is-missing
lib/editor/tinymce/tiny_mce/3.5.10/plugins/advimage/langs/en_dlg.js":
Moodle _does_ ship (modified) sources.
* debian/rules, debian/control: don't use TCPDF library as shipped with
moodle (tcpdf_php5 TCPDF 5.9.133 MDL-29283, see
lib/tcpdf/readme_moodle.txt), but php-tcpdf as shipped with
Debian (6.0.048+dfsg-2~bpo70+1 in wheezy-backports, 6.0.093+dfsg-1 in
jessie): create symlink /usr/share/moodle/lib/tcpdf -> /usr/share/php/tcpdf.
NB: the file lib/tcpdf/include/sRGB.icc does not allow modification.
* debian/source/lintian-overrides: Moodle _does_ ship source of files
lib/yuilib/3.15.0/datatype-date-format/lang/datatype-date-format* and other
3.15.0 and 2in3/2.9.0/build files.
* debian/source/lintian-overrides: Moodle _does_ ship source of file
AMFTester.swf in amf/testclient/AMFTester.mxml.
* debian/rules: do not install the Flowplayer video player from Flowplayer
Ltd (http://flash.flowplayer.org/): source is missing.
* debian/docs: remove tags.txt: only relevant for developers.
* debian/control: add myself to uploaders.
* debian/control: checked for policy 3.9.6, no changes necessary.
Checksums-Sha1:
68826b9782577541089d1388c9b38229daaeaf00 1718 moodle_2.7.2+dfsg-3.dsc
e7f5ed2e4036c91d010778430cbc87a6bef11c12 34868223 moodle_2.7.2+dfsg.orig.tar.gz
21aaee58882a7e49fedd571ddaa9556b31c6ef78 72216104 moodle_2.7.2+dfsg-3.debian.tar.xz
d0ffc51932f6cb44541ef52d2800d9778b89d804 16258938 moodle_2.7.2+dfsg-3_all.deb
Checksums-Sha256:
be2bde93f4359f52cae984665948ab9d6e88fd20e104cc71b5bfccb41867bd59 1718 moodle_2.7.2+dfsg-3.dsc
ed13821442a28460fdf1b6d36b4ca2bb2ff6f41142979fa54ed70fd937362581 34868223 moodle_2.7.2+dfsg.orig.tar.gz
ebf2c48b1e43b9fd4ee13452feee72c1bb2d1e4100160374031776bf9b016a33 72216104 moodle_2.7.2+dfsg-3.debian.tar.xz
53e29571fd3204e56a1dcddb01b43337c00ede09dc3482871492251a3551e4d7 16258938 moodle_2.7.2+dfsg-3_all.deb
Files:
2dd0687f2726524140888a9063ce6302 1718 web optional moodle_2.7.2+dfsg-3.dsc
818f50950f3345b1a4a50fcc20550ab8 34868223 web optional moodle_2.7.2+dfsg.orig.tar.gz
e766506535596ea2aa3209fefddd5f53 72216104 web optional moodle_2.7.2+dfsg-3.debian.tar.xz
00e4b4d04892bf005e55f63aaa26211e 16258938 web optional moodle_2.7.2+dfsg-3_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJUy4IOAAoJEDNRenKl5rDI//MH/3Gk+SF/H0wGq4C3l8F800mn
WrYds58LbDN5tFLJ1hEjXIp5vQ1xjtsc43C/MhTo+wct0UB5uO0+CMpPzQKJJqgp
SUn+3ujENFoiguve5gOdBZf3MBCozma+dnb5V59l8wcMGAurlitqRDtCDz3wjiay
S4M0imKUqjgkRbCQenZ46tZDf08UGhbSKlja7gGB3oRAQrQqHh7DvLRuBHSuHDIF
8czqxIeZXJqvmgm38nwiSXiK8c17XFg+yPXcdBginPrQlZU8n2zvDgYWlOzvr4vL
9WQ+Fna8jNKY4yEr6sO7XAmfJ6i5TEpNfOBxrUJ/KD8LqihHnlUoJWSTJPZ0Zv0=
=2MCw
-----END PGP SIGNATURE-----