[ubuntu/natty-security] mahara, mahara_1.2.7-1ubuntu0.1_i386_translations.tar.gz (delayed) 1.2.7-1ubuntu0.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Wed May 18 17:03:28 UTC 2011 

mahara (1.2.7-1ubuntu0.1) natty-security; urgency=low

  * SECURITY UPDATE: fixes to session key validation (CSRF)
    - debian/patches/CVE-2011-1403.patch: upstream patch

  * SECURITY UPDATE: privilege escalations
    - debian/patches/CVE-2011-1402.patch: upstream patch

  * SECURITY UPDATE: information disclosure in AJAX calls
    - debian/patches/CVE-2011-1404.patch: upstream patch

  * SECURITY UPDATE: https to http downgrade
    - debian/patches/CVE-2011-1406.patch: upstream patch

  * SECURITY UPDATE: sanitisation of HTML emails
    - debian/patches/CVE-2011-1405.patch: upstream patch

Date: Tue, 10 May 2011 16:36:06 +1200
Changed-By: Francois Marier <francois at debian.org>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/mahara/1.2.7-1ubuntu0.1
-------------- next part --------------
Format: 1.8
Date: Tue, 10 May 2011 16:36:06 +1200
Source: mahara
Binary: mahara mahara-apache2 mahara-mediaplayer
Architecture: source
Version: 1.2.7-1ubuntu0.1
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Francois Marier <francois at debian.org>
Description: 
 mahara     - Electronic portfolio, weblog, and resume builder
 mahara-apache2 - Electronic portfolio, weblog, and resume builder - apache2 config
 mahara-mediaplayer - Electronic portfolio, weblog, and resume builder - internal media
Changes: 
 mahara (1.2.7-1ubuntu0.1) natty-security; urgency=low
 .
   * SECURITY UPDATE: fixes to session key validation (CSRF)
     - debian/patches/CVE-2011-1403.patch: upstream patch
 .
   * SECURITY UPDATE: privilege escalations
     - debian/patches/CVE-2011-1402.patch: upstream patch
 .
   * SECURITY UPDATE: information disclosure in AJAX calls
     - debian/patches/CVE-2011-1404.patch: upstream patch
 .
   * SECURITY UPDATE: https to http downgrade
     - debian/patches/CVE-2011-1406.patch: upstream patch
 .
   * SECURITY UPDATE: sanitisation of HTML emails
     - debian/patches/CVE-2011-1405.patch: upstream patch
Checksums-Sha1: 
 926d1912a10dd3e4e079ace9a3e6f4e72ee6ff5f 2041 mahara_1.2.7-1ubuntu0.1.dsc
 7185888f9694a20645cef9995544df3f0ed40a80 26758 mahara_1.2.7-1ubuntu0.1.debian.tar.gz
Checksums-Sha256: 
 903ea16c0e7b373774b70a0788bb9e520038967f1c81cb702769da7347f3313b 2041 mahara_1.2.7-1ubuntu0.1.dsc
 585e4816961671ef5826ca52f15d00212e74acf0754e5288c18d24e681c0b436 26758 mahara_1.2.7-1ubuntu0.1.debian.tar.gz
Files: 
 cd10309193ea0c2bd2a57bee0fc891c3 2041 web optional mahara_1.2.7-1ubuntu0.1.dsc
 980dd7449bdf078aa1356f120a45bf84 26758 web optional mahara_1.2.7-1ubuntu0.1.debian.tar.gz
Original-Maintainer: Mahara Packaging Team <mahara-packaging at lists.launchpad.net>

More information about the Natty-changes mailing list