-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 17 Dec 2008 13:37:10 +1300 Source: moodle Binary: moodle Architecture: source all Version: 1.8.2.dfsg-2 Distribution: unstable Urgency: high Maintainer: Moodle Packaging Team <moodle-packaging@catalyst.net.nz> Changed-By: Francois Marier <francois@debian.org> Description: moodle - Course Management System for Online Learning Closes: 508909 Changes: moodle (1.8.2.dfsg-2) unstable; urgency=high . [ Dan Poltawski ] * Patch SQL injection bug in hotpot module (MSA-08-0010) * Fix XSS bug in logged urls (MDL-11414) * Fix XSS bug in install script (MSA-08-0004) * Fix insufficient access control in Login as feature (MSA-08-0003) * Profiles of deleted users were accessible allowing for spam (MSA-08-0015) * Deficincy in text cleaning functions allowed for XSS (MSA-08-0021) * Fix CSRF in messaging settings (MSA-08-0023) * Fix anonymous group creation and html injection (MDL-11759) * Fix SQL injection bug in mnet (MDL-9288) * Fix SQL injection bug in restore (MDL-11857) * Insufficient cleaning of essay questions (MDL-12079) * Fix insufficient cleaning of PARAM_HOST (MDL-12793) * Fix XSS bug in logged urls (MDL-11414) * Fix uncleaned params in wiki (MDL-14806) . [ Francois Marier ] * Update html2text to prevent code execution attacks (closes: #508909) Checksums-Sha1: 4b5a11c0d458f1982b5030f2bc776bd7ac6406ab 1362 moodle_1.8.2.dfsg-2.dsc 93f9bd3c9095fd6d0c63df5525d6561d898bc3b7 43969 moodle_1.8.2.dfsg-2.diff.gz 61e714003fb67967941e15de511b3240138e6dda 8722420 moodle_1.8.2.dfsg-2_all.deb Checksums-Sha256: 42f1c506dcbc3e778d4e33a03467b5916d16b6b2e6e090fb6cfcc8593ca00a1f 1362 moodle_1.8.2.dfsg-2.dsc 512ef655560b7ea753ee1723c75026467bc0fd07e34b04f63943739104af243b 43969 moodle_1.8.2.dfsg-2.diff.gz ed0f67b5bae9d1348110321a1251419f195f1a3446bef5a28dbb107512bc944a 8722420 moodle_1.8.2.dfsg-2_all.deb Files: 67c70c53a69a65e218e3428a425caaf8 1362 web optional moodle_1.8.2.dfsg-2.dsc 75fc4dd2a5bce9e5b682b3804c807361 43969 web optional moodle_1.8.2.dfsg-2.diff.gz 2374aa6c5e3351c964a6e0fd9822d474 8722420 web optional moodle_1.8.2.dfsg-2_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAklIdq8ACgkQScUZKBnQNIbxYgCfXLjMqaa0G+cCd+jJvRoi7N6y zrcAnApJcK683ZC+040/NsoPVxLCNOpY =C28q -----END PGP SIGNATURE----- Accepted: moodle_1.8.2.dfsg-2.diff.gz to pool/main/m/moodle/moodle_1.8.2.dfsg-2.diff.gz moodle_1.8.2.dfsg-2.dsc to pool/main/m/moodle/moodle_1.8.2.dfsg-2.dsc moodle_1.8.2.dfsg-2_all.deb to pool/main/m/moodle/moodle_1.8.2.dfsg-2_all.deb
