lp:ubuntu/raring-proposed/moodle
- Get this branch:
- bzr branch lp:ubuntu/raring-proposed/moodle
Branch merges
Branch information
Recent revisions
- 40. By Didier Raboud
-
* Non-maintainer upload.
* Backport multiple security issues from upstream's MOODLE_22_STABLE
branch.
- MSA-12-0057: MDL-29872 - Access issue through repository
Fixes CVE-2012-5471
- MSA-12-0058: MDL-32785 - Possible form data manipulation issue
Fixes CVE-2012-5472
- MSA-12-0059: MDL-34448 - Information leak in Database activity module
Fixes CVE-2012-5473
- MSA-12-0061: MDL-33791 - Remote code execution through Portfolio API
Fixes CVE-2012-5479
- MSA-12-0062: MDL-35558 - Information leak in Database activity module
Fixes CVE-2012-5480 - 39. By Didier Raboud
-
* Non-maintainer brown-paper bag upload.
* Fix the preinst shell syntax to properly drop the left-over symlink
in favour of the shipped directory. (Closes: #689506 fo real now) - 38. By Didier Raboud
-
* Non-maintainer upload.
* Drop a left-over symlink in favour of the shipped directory.
(Closes: #689506) - 37. By Didier Raboud
-
* Non-maintainer upload.
* Backport multiple security issues from upstream's MOODLE_22_STABLE
branch. (Closes: #687924)
- MSA-12-0051: MDL-30792 - File upload size constraint issue
Fixes CVE-2012-4400
- MSA-12-0052: MDL-28207 - Course topics permission issue
Fixes CVE-2012-4401
- MSA-12-0053: MDL-34585 - Blog file access issue
Fixes CVE-2012-4407
- MSA-12-0054: MDL-34519 - Course reset permission issue
Fixes CVE-2012-4408
- MSA-12-0055: MDL-34368 - Web service access token issue
Fixes CVE-2012-4402 - 36. By Didier Raboud
-
* Non-maintainer upload.
* Backport multiple security issues from upstream's MOODLE_22_STABLE
branch. (Closes: #682203)
- MDL-31692 mod_lti - ensure that various mforms are used properly
Fixes CVE-2012-3389
- MDL-33916 Ensure that capabilities are checked for cached user
enrolments
Fixes CVE-2012-3388 - 35. By Didier Raboud
-
* Non-maintainer upload.
* Backport multiple security issues from upstream's MOODLE_22_STABLE
branch (Closes: #682203)
- MDL-33808 - format title on the repository instance screen
- MDL-33808 - incorrect cleaning of repository names
Both patches fix CVE-2012-3393.
- MDL-23254 Authentication : used httpswwwroot as root url during
authentication procedure where $PAGE->https_required( ) is
specified.
Fix CVE-2012-3394
- MDL-27675 - Feedback module abuses data_submitted
Fix CVE-2012-3395
- MDL-34045 fix invalid idnumber field type in cohort form
Fix CVE-2012-3396
- MDL-33466: Group restriction should hide activity even with 'show
availability' option
Fix CVE-2012-3397
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/raring/moodle