Debian Package Tracker

From: Joost van Baal-Ilić <joostvb@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted moodle 2.7.11+dfsg-1 (source all) into unstable
Date: Fri, 04 Dec 2015 16:39:47 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 04 Dec 2015 15:12:23 +0100
Source: moodle
Binary: moodle
Architecture: source all
Version: 2.7.11+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Moodle Packaging Team <pkg-moodle-maintainers@lists.alioth.debian.org>
Changed-By: Joost van Baal-Ilić <joostvb@debian.org>
Description:
 moodle     - course management system for online learning
Changes:
 moodle (2.7.11+dfsg-1) unstable; urgency=high
 .
   * New upstream security release, released Nov 9, 2015.  Note that the
     upstream 2.7 branch is now supported for security fixes only until May 2017
     (LTS).  Security issues fixed:
     - MSA-15-0039 CSRF in site registration form
     - MSA-15-0040 Student XSS in survey
     - MSA-15-0041 XSS in flash video player
     - MSA-15-0042 CSRF in lesson login form
     - MSA-15-0043 Web service core_enrol_get_enrolled_users does not respect
       course group mode
     - MSA-15-0044 Capability to view available badges is not respected
     - MSA-15-0045 SCORM module allows one to bypass access restrictions based on
       date
     - MSA-15-0046 Choice module closing date can be bypassed
     (In https://moodle.org/mod/forum/discuss.php?d=322852 at Monday, November 9,
     2015, 9:17 AM Marina Glancy wrote: "we'll publish details more widely in a
     week."  As of december 4, no CVE's seem to have been assigned.)
     Other Fixes and improvements:
     - MDL-51083 - Fixed undesired browser password autofilling in several forms
       (majority of forms were fixed in MDL-45772 in previous release)
     - MDL-51190 - Fixed MS Edge locking up when viewing embedded PDF
     See https://docs.moodle.org/dev/Moodle_2.7.11_release_notes for more
     details.
   * debian/source/lintian-overrides: add some more incorrectly flagged
     javascript files.  See lintian bug 802028 (and 799861).
Checksums-Sha1:
 f9c8c6935b57e530188f3b9eea47b67dddae4ccc 1725 moodle_2.7.11+dfsg-1.dsc
 37e6db061ad06db5e324666bfcb40758ce89dcb5 35005767 moodle_2.7.11+dfsg.orig.tar.gz
 ec1c9cfd8a9a867ad0d91103d6da9c920caa8be4 72213076 moodle_2.7.11+dfsg-1.debian.tar.xz
 b84bae0e9e8e841a1c5392dbbb26b1503e3bb47c 15394578 moodle_2.7.11+dfsg-1_all.deb
Checksums-Sha256:
 1a55a92f8183cb7b3afb7a35ae167ef039d1bcb75d29dc92a99cda5dff9ec2eb 1725 moodle_2.7.11+dfsg-1.dsc
 cafa0ea451e9f70ce4530611d312a8e98620d5d02ce0861cb1195b36f322793d 35005767 moodle_2.7.11+dfsg.orig.tar.gz
 e72e33bbd6ae316e18af42a5fcc4e6ea255d54f271a64fb2c6149fcfca5452a0 72213076 moodle_2.7.11+dfsg-1.debian.tar.xz
 b72d22acbc695ab45937a217d44f9e267d352306ff2e1fa1d8863586be80a5ea 15394578 moodle_2.7.11+dfsg-1_all.deb
Files:
 bcaf7c8447ecae19e098a2414948eced 1725 web optional moodle_2.7.11+dfsg-1.dsc
 5055427126dd1265f34b0b765a8d8395 35005767 web optional moodle_2.7.11+dfsg.orig.tar.gz
 3b76e6b3d60197a9c8010d5239787e07 72213076 web optional moodle_2.7.11+dfsg-1.debian.tar.xz
 ed8e4be26b911d0615f6b284caa96abe 15394578 web optional moodle_2.7.11+dfsg-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJWYbSOAAoJEDNRenKl5rDIqGIH/jdlpM/9Kd/TXaU08RxwFkdY
5gY4ihESo9jmKt13quouNfrLlV2kIEA91Lny5OGoIm4T8mY9wl3oHFzlPnTHX7Ky
2QTZD/xYEmQV/AqD5IOtBYB/rO592MMJrbMZyRaR3FPdXbYUfij8yqy2jawZiTlq
z8XmklDHQlTdQoaaWXx4+D41dLlZt9Wv9sLZkCL4FTcwgIriaLz746XOJ9ai24k8
IZ66niRwG4/FzG7+3x+//YzWw5mQdASJaVDpTFRWj5y6Oa8deHt0fb+oN0bcVcrY
lvJPqIvYh66GkYEp4cCXmZsYkm6KmOLPagxZuqgModes2X4/O+BL/qI/kAwZ/x0=
=qCT1
-----END PGP SIGNATURE-----
News for package moodle
