[ubuntu/quantal] mahara 1.5.1-2 (Accepted)
Scott Kitterman
ubuntu at kitterman.com
Fri Sep 7 18:44:10 UTC 2012
mahara (1.5.1-2) unstable; urgency=high
* SECURITY UPDATE: Fix multiple cross-site scripting vulnerabilities
- Sanitize json-encode login form when injected by js
- Sanitize links in links and resources menu
- Sanitize file description for blog image editor
- Add escaping to user_display_name by adding to dwoo template
- debian/patches/CVE-2012-2237-0001.patch: upstream patch
- debian/patches/CVE-2012-2237-0002.patch: upstream patch
- debian/patches/CVE-2012-2237-0003.patch: upstream patch
- debian/patches/CVE-2012-2237-0004.patch: upstream patch
Date: 2012-08-13 16:22:54.635563+00:00
Changed-By: Mahara Packaging <mahara-packaging at lists.launchpad.net>
Signed-By: Scott Kitterman <ubuntu at kitterman.com>
https://launchpad.net/ubuntu/quantal/+source/mahara/1.5.1-2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Quantal-changes
mailing list