Debian Package Tracker

From: Dan Poltawski <talktodan@gmail.com>
To: <debian-changes@lists.debian.org>
Subject: Accepted moodle 1.8.2.dfsg-3+lenny3 (source all)
Date: Wed, 03 Feb 2010 01:52:40 +0000
Signed by: Hubert Chan <hubert@uhoreg.ca>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Format: 1.8
Date: Wed, 09 Dec 2009 12:19:30 +0000
Source: moodle
Binary: moodle
Architecture: source all
Version: 1.8.2.dfsg-3+lenny3
Distribution: stable-security
Urgency: high
Maintainer: Moodle Packaging Team <pkg-moodle-maintainers@lists.alioth.debian.org>
Changed-By: Dan Poltawski <talktodan@gmail.com>
Description: 
 moodle     - Course Management System for Online Learning
Closes: 559531
Changes: 
 moodle (1.8.2.dfsg-3+lenny3) stable-security; urgency=high
 .
   [ Dan Poltawski ]
   * Fix multiple security issues (closes: 559531):
    - MSA-09-0019: SQL injection in update_record
    - MSA-09-0022: Multiple CSRF vunrabilities (CVE-2009-4297)
    - MSA-09-0023: User account disclosure in LAMS module (CVE-2009-4297)
    - MSA-09-0024: Insufficient access control in glossary (CVE-2009-4299)
    - MSA-09-0026: Invalid application access control in MNET interface (CVE-2009-4301)
    - MSA-09-0027: Login information can be sent unsecured even when site is configured
      to use SSL for logins (CVE-2009-4302)
    - MSA-09-0028: Multiple backup/restore related issues (CVE-2009-4303)
    - MSA-09-0031: SQL injection in SCORM module (CVE-2009-4305)
    - MSA-09-0010: Unzip binary may create symbolic links pointing outside
      of dataroot on unix/linux servers
    - MSA-09-0011: Glossary, database and forum ratings are not verified
      after submission
 .
   [ Francois Marier ]
   * Update maintainer email address
Checksums-Sha1: 
 0e2dae09c09e0e243bd091ea44ab8231db588a73 1332 moodle_1.8.2.dfsg-3+lenny3.dsc
 3ac9d9bc3a2927f8a5c16304e5daa192366cf972 67070 moodle_1.8.2.dfsg-3+lenny3.diff.gz
 9f781e2af71fa86d79ce5279624597245eb9109c 8628382 moodle_1.8.2.dfsg-3+lenny3_all.deb
Checksums-Sha256: 
 8b34ede3f07011771c8ea0cfc3e49ceb867a5dd546631aca8b74d30ed6f5e3e6 1332 moodle_1.8.2.dfsg-3+lenny3.dsc
 54e3b50928ae2d7e090c81d228e35f00b6221f4fa18d8bce70c8138a04136628 67070 moodle_1.8.2.dfsg-3+lenny3.diff.gz
 b2212198157af674d0d5651001b79f17fc0ce3268ac5d3614e15403a4a6d8034 8628382 moodle_1.8.2.dfsg-3+lenny3_all.deb
Files: 
 e6692ee05c7eda37d36ef9a0d24ce2ae 1332 web optional moodle_1.8.2.dfsg-3+lenny3.dsc
 e8843f3e443495842705c040c0d98779 67070 web optional moodle_1.8.2.dfsg-3+lenny3.diff.gz
 1985ebd60f8f9f2fb03a25e9b0c58c50 8628382 web optional moodle_1.8.2.dfsg-3+lenny3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEAREDAAYFAktk4toACgkQrynHGRJLYfrIeACfdyO4+xs82/CPUmkhhRpcFE+N
/2IAoJheOUv9n58wDQ0JVyMAU3/wgSh7
=WII4
-----END PGP SIGNATURE-----


Accepted:
moodle_1.8.2.dfsg-3+lenny3.diff.gz
  to main/m/moodle/moodle_1.8.2.dfsg-3+lenny3.diff.gz
moodle_1.8.2.dfsg-3+lenny3.dsc
  to main/m/moodle/moodle_1.8.2.dfsg-3+lenny3.dsc
moodle_1.8.2.dfsg-3+lenny3_all.deb
  to main/m/moodle/moodle_1.8.2.dfsg-3+lenny3_all.deb
News for package moodle
