lp:ubuntu/dapper-security/moodle
- Get this branch:
- bzr branch lp:ubuntu/dapper-security/moodle
Branch merges
Branch information
Recent revisions
- 7. By Daniel T Chen
-
* [SECURITY] Fix multiple XSS and SQL injection vulnerabilities:
- Due to a failure to properly sanitise user input, there's a
PostgreSQL SQL injection vulnerability in
lib/adodb/drivers/ adodb-postgres6 4.inc.php as described in
CVE-2006-0410. Patch applied from Debian #360395.
- The embedded version of lib/adodb/adodb-pager. inc.php is
susceptible to XSS as described in CVE-2006-0806. Patch applied
from Debian #360396.
* References:
http://bugs.debian. org/360395, CVE-2006-0410;
http://bugs.debian. org/360396, CVE-2006-0806.
* debian/:
- postinst: Handle the upgrade path from any previous packaging
revision in Breezy and Dapper that depends on apache2 but
mistakenly uses apache in the debconf template.
- templates: Use apache2 by default since, well, that's what the
dependency prefers. Now Moodle actually installs.
(Closes: Malone #5501, Malone #47812). - 4. By Andrew Mitchell
-
* Resync with debian (security update)
* changed dependencys to php5
* changed apache dependency to apache2
* References
CAN-2005-2247 - 3. By Isaac Clerencia
-
* Urgency high as upstream release fixes several security bugs
* New upstream release
* Write database creation errors and warn the user about it,
closes: #285842, #285842 - 2. By Isaac Clerencia
-
* New upstream release, closes: #252693
* Added "exec 0<&1" to postinst to fix hang when ucf asks the user
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/moodle