Back to moodle PTS page

Accepted moodle 2.7.5+dfsg-1 (source all) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted moodle 2.7.5+dfsg-1 (source all) into unstable
From: Joost van Baal-Ilić <joostvb@debian.org>
Date: Mon, 02 Feb 2015 09:49:45 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1YIDdZ-00059G-Uw@franck.debian.org>
Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 02 Feb 2015 08:38:14 +0000
Source: moodle
Binary: moodle
Architecture: source all
Version: 2.7.5+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Moodle Packaging Team <pkg-moodle-maintainers@lists.alioth.debian.org>
Changed-By: Joost van Baal-Ilić <joostvb@debian.org>
Description:
 moodle     - course management system for online learning
Changes:
 moodle (2.7.5+dfsg-1) unstable; urgency=high
 .
   * New upstream security release:
      Moodle 2.7.5 release notes, Release date: 2 February, 2015: "A number of
      security related issues were resolved. Details of these issues will be released
      after a period of approximately one week to allow system administrators to
      safely update to the latest version."  "Here is the full list of fixed issues in 2.7.5:
      https://tracker.moodle.org/issues/?jql=project+%3D+mdl+AND+resolution+%3D+fixed+AND+fixVersion+in+%28%222.7.5%22%29+ORDER+BY+priority+DESC";
      See also https://docs.moodle.org/dev/Moodle_2.7.5_release_notes .
 .
 moodle (2.7.2+dfsg-3) experimental; urgency=medium
 .
   * Remove lib/tcpdf/include/sRGB.icc from upstream source since it does
     not allow modification (usually known as
     sRGB_IEC61966-2-1_black_scaled.icc).  FWIW: this file was not installed
     by the Moodle 2.6.3 Debian package.
   * Remove lib/flowplayer/flowplayer.audio-3.2.11.swf since sources missing.
   * debian/rules: add preliminary target dfsg, with some comments.
 .
 moodle (2.7.2-2) experimental; urgency=medium
 .
   * debian/control: remove Thijs Kinkhorst from Uploaders, on his request.
     Thanks Thijs!
   * debian/source/include-binaries, debian/missing-sources: Added missing
     sources for
     - the Flowplayer video player from Flowplayer Ltd
       (http://flash.flowplayer.org/): flash-release_3_2_18.tar.gz for
       flowplayer-3.2.18.swf, flash-release_3_2_16.tar.gz for
       lib/flowplayer/flowplayer.controls-3.2.16.swf.
       Downloaded from https://github.com/flowplayer/flash/releases.
     - filter/tex/mimetex.linux and mimetex.freebsd
     NB: flowplayer-3.2.18.swf, flowplayer.controls-3.2.16.swf, mimetex.linux
     and mimetex.freebsd are not shipped with the binary Debian package.
 .
 moodle (2.7.2-1) unstable; urgency=medium
 .
   * This is a semi-public release.
   * New upstream release, fixing security issues:
     - MSA-14-0014 Cross-site request forgery possible in Assignment
       [CVE-2014-0213]
     - MSA-14-0015 Web service token expiry issue for MoodleMobile
       [CVE-2014-0214]
     - MSA-14-0016 Anonymous student identity revealed in Assignment
       [CVE-2014-0215]
     - MSA-14-0017 File access issue in HTML block [CVE-2014-0216]
     - MSA-14-0018 Information leak in courses [CVE-2014-0217]
     - MSA-14-0019 Reflected XSS in URL downloader repository [CVE-2014-0218]
     (See https://docs.moodle.org/dev/Moodle_2.7_release_notes#Security_issues)
   * debian/rules: remove extra license file
     lib/editor/atto/yui/src/rangy/js/license.txt.
   * debian/copyright: add MIT license, for Rangy library for the Atto editor.
   * debian/moodle.lintian-overrides: add embedded-php-library
     lib/markdown/Markdown.php: we can't use Debian's libmarkdown-php due to
     incompatibilities.
   * debian/moodle.lintian-overrides: add embedded-php-library
     lib/simplepie/library/SimplePie.php: we can't use Debian's libphp-simplepie
     due to incompatibilities.
   * debian/moodle.lintian-overrides: add embedded-php-library
     lib/yuilib/3.15.0/yui/yui-min.js: we can't use Debian's libjs-yui
     due to incompatibilities.
   * debian/moodle.lintian-overrides, debian/source/lintian-overrides: change
     lines like "moodle: embedded-javascript-library
     lib/editor/tinymce/tiny_mce/3.5.8/tiny_mce.js" in "moodle source:
     source-is-missing
     lib/editor/tinymce/tiny_mce/3.5.10/plugins/advimage/langs/en_dlg.js":
     Moodle _does_ ship (modified) sources.
   * debian/rules, debian/control: don't use TCPDF library as shipped with
     moodle (tcpdf_php5 TCPDF 5.9.133 MDL-29283, see
     lib/tcpdf/readme_moodle.txt), but php-tcpdf as shipped with
     Debian (6.0.048+dfsg-2~bpo70+1 in wheezy-backports, 6.0.093+dfsg-1 in
     jessie): create symlink /usr/share/moodle/lib/tcpdf -> /usr/share/php/tcpdf.
     NB: the file lib/tcpdf/include/sRGB.icc does not allow modification.
   * debian/source/lintian-overrides: Moodle _does_ ship source of files
     lib/yuilib/3.15.0/datatype-date-format/lang/datatype-date-format* and other
     3.15.0 and 2in3/2.9.0/build files.
   * debian/source/lintian-overrides: Moodle _does_ ship source of file
     AMFTester.swf in amf/testclient/AMFTester.mxml.
   * debian/rules: do not install the Flowplayer video player from Flowplayer
     Ltd (http://flash.flowplayer.org/): source is missing.
   * debian/docs: remove tags.txt: only relevant for developers.
   * debian/control: add myself to uploaders.
   * debian/control: checked for policy 3.9.6, no changes necessary.
Checksums-Sha1:
 4366305e765634e8da8309fb557dea2b5eb365e6 1718 moodle_2.7.5+dfsg-1.dsc
 647df4fd6f89ebcaa7cc56f94631c4f6ff806350 34949352 moodle_2.7.5+dfsg.orig.tar.gz
 d271602b083edb3fd761b3cacd922ac1d7895ff0 72216328 moodle_2.7.5+dfsg-1.debian.tar.xz
 a1deecf1a44f92c75a760ccdc271a63209053bea 15868080 moodle_2.7.5+dfsg-1_all.deb
Checksums-Sha256:
 1cdc7e90aaf3f4e26f236946d6c158897c251a38b37fc94667dc3f1c55de6c9e 1718 moodle_2.7.5+dfsg-1.dsc
 17649f9478046e88fd2ae96e82570aa93cfffeb0a436a0d4b82be42b5c8e76fd 34949352 moodle_2.7.5+dfsg.orig.tar.gz
 7e77aa4c49813736ded956afa51d88b834abc30220a256cf07637d020c596307 72216328 moodle_2.7.5+dfsg-1.debian.tar.xz
 0678ca184174d5ba4cdbf48bb4604255a145385410582e6056277fcd4a4339e7 15868080 moodle_2.7.5+dfsg-1_all.deb
Files:
 e922c36bbe29d9d07380b76928d2f5ec 1718 web optional moodle_2.7.5+dfsg-1.dsc
 16432cc224f62d70bd000a59484a8310 34949352 web optional moodle_2.7.5+dfsg.orig.tar.gz
 4c66ad2d8d47ec9808445546387e9fc7 72216328 web optional moodle_2.7.5+dfsg-1.debian.tar.xz
 1402cf8e887405cb155ff2a7ce8929c7 15868080 web optional moodle_2.7.5+dfsg-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJUzz23AAoJEDNRenKl5rDI7WgH/328SEKnWYsn4teCI90vqxWA
vYBccflxD7FnTmRBJPIzhKdlBUytgj3AS9+iu6HT0oTlUTr9qs+yIxnpzIuZyB7S
ualUU+nHuaXxbPPu9/m7Ax9x/ankdzk05Y5O0t5EqxSS47qWEwRzEdZw0XaHKgOz
H5f4X839CrhxmmbGYtANN9fBrIX5rXn9o0xfa+RaWbZU7Is29r04b42Rt31EsIwf
gUyTvbMGfZDQIOhEecjHM/T89QrWYmYKsnXOoKOXgnp59IINaPXHsfQ24PrYnzS2
gL0E0c5Kl+INNR9sIdji8bJdIGGTjCeVNwZyMYjDoX7VVSjMGSS1ywrReHfMfSE=
=novt
-----END PGP SIGNATURE-----