lp:ubuntu/precise/moodle

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

31. By Tomasz (Tomek) Muras on 2012-04-12

* Backporting security fixes from Moodle 1.9.17
   - MSA-12-00013 DB activtity export does not respect groups
       (CVE-2012-1155, closes: #668411)

30. By Tomasz (Tomek) Muras on 2012-02-27

* Backporting security fixes from Moodle 1.9.15 and 1.9.16
  (closes: #652235)
   - MSA-11-0054 Personal information leak
   - MSA-11-0045 Potential to masquerade through MNet (CVE-2011-4584)
   - MSA-11-0046 Insecure authentication transmission (CVE-2011-4585)
   - MSA-11-0047 Possible injection attack in Calendar (CVE-2011-4586)
   - MSA-11-0048 Password loss issue (CVE-2011-4587)
   - MSA-11-0049 Network restriction ineffective with MNet (CVE-2011-4588)
   - MSA-12-0007 Email injection prevention (CVE-2012-0796)
   - MSA-12-0006 Additional email address validation (CVE-2012-0795)
   - MSA-12-0005 Encryption enhancement (CVE-2012-0794)
   - MSA-12-0004 Added profile image security (CVE-2012-0793)
   - MSA-12-0003 Added password protection
   - MSA-12-0002 Personal information leak, previously MSA-11-0040
     (CVE-2011-4308 and CVE-2012-0792)
   - MSA-12-0001 Recaptcha transmission consistency issue

29. By Tomasz (Tomek) Muras on 2011-10-28

* Backporting security fixes from Moodle 1.9.13 and 1.9.14
    - MSA-11-0026 Fields in user upload CSV not being escaped (MDL-28360)
    - MSA-11-0025 Group names in user upload CSV not being escaped (MDL-28197)
    - MSA-11-0024 Recaptcha images were being authenticated
        from an older server (MDL-27889) (closes: #638935)
    - MSA-11-0020 Continue links in error messages can lead offsite (MDL-27464)
    - MSA-11-0038 Database injection protection strengthened (MDL-29033)
    - MSA-11-0037 Course section editing injection vulnerability (MDL-28722)
    - MSA-11-0036 Messaging refresh vulnerability (MDL-29311)
    - MSA-11-0032 MNET SSL validation issue (MDL-29148)
    - MSA-11-0031 Forms API constant issue (MDL-23872)
* Make sure that smarty & yui symlinks are correct (closes: 603255,614712)

28. By Tomasz (Tomek) Muras on 2011-05-18

* Backporting security fixes from Moodle 1.9.11 and 1.9.12
    - MSA-11-0002 Cross-site request forgery vulnerability in RSS block (MDL-18839)
    - MSA-11-0003 Cross-site scripting vulnerability in tag autocomplete (MDL-25754)
    - MSA-11-0008 IMS enterprise enrolment file may disclose sensitive information (MDL-26189)
    - MSA-11-0011 Multiple cross-site scripting problems in media filter (MDL-26030)
    - MSA-11-0015 Cross Site Scripting through URL encoding (MDL-26966)
    - MSA-11-0013 Group/Quiz permissions issue (MDL-25122)

27. By Christian Perrier on 2011-01-11

* Non-maintainer upload.
* Fix encoding of Swedish debconf translation.

26. By Tomasz (Tomek) Muras on 2010-10-30

* Added Romanian translation
* Updated Japanese translation (closes: #596820)
* Backporting security fixes from Moodle 1.9.10 (closes: #601384)
   - Updated embedded CAS to 1.1.3
   - Added patch for MDL-24523:
     clean_text() not filtering text in markdown format
   - Added patch for MDL-24810 and upgraded customized HTML Purifier to 4.2.0
   - Added patch for MDL-24258:
     students can delete their forum posts later than $CFG->maxeditingtime
     under certain conditions
   - Added patch for MDL-23377:
     Can't delete quiz attempts in course without enrolled students

25. By Jeremy Bícha on 2009-10-22

* Depends on PostgreSQL or MySQL to ensure host database is set up
  before moodle configuration (Closes LP: #440098, 378726)
* Moved debconf to depends instead of pre-depends.

24. By Jeremy Bícha on 2009-10-16

Fix webserver config which prevented access by localhost due to
libc6 change (closes LP: #452622)

23. By Kees Cook on 2009-06-23

* SECURITY UPDATE: filter harmful TeX commands.
  - Add debian/patches/CVE-2009-1171_tex.dpatch: backported
    upstream fixes.

22. By LaserJock on 2009-02-25

* Merge with Debian git (Closes LP: #322961, #239481, #334611):
  - use Ubuntu's smarty lib directory for linking
  - use internal yui library
  - add update-notifier support back in

[Matt Oquist]
  * renamed prerm script
  * significantly rewrote postinst and other maintainer scripts to improve
    user experience and package maintainability
    (Closes LP: #225662, #325450, #327843, #303078, #234609)