Your message dated Mon, 23 Jul 2012 18:32:13 +0000
with message-id <[email protected]>
and subject line Bug#682203: fixed in moodle 2.2.3.dfsg-2.1
has caused the Debian Bug report #682203,
regarding Multiple security issues
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
682203: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=682203
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: moodle
Severity: grave
Tags: security
Please see http://www.openwall.com/lists/oss-security/2012/07/17/1
for details and links to patches.
Remember that Wheezy is frozen, so please fix this by uploading isolated
fixes instead of updating to a new upstream release.
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: moodle
Source-Version: 2.2.3.dfsg-2.1
We believe that the bug you reported is fixed in the latest version of
moodle, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Didier Raboud <[email protected]> (supplier of updated moodle package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 20 Jul 2012 19:52:07 +0200
Source: moodle
Binary: moodle
Architecture: source all
Version: 2.2.3.dfsg-2.1
Distribution: unstable
Urgency: low
Maintainer: Moodle Packaging Team
<[email protected]>
Changed-By: Didier Raboud <[email protected]>
Description:
moodle - course management system for online learning
Closes: 682203
Changes:
moodle (2.2.3.dfsg-2.1) unstable; urgency=low
.
* Non-maintainer upload.
.
* Backport multiple security issues from upstream's MOODLE_22_STABLE
branch (Closes: #682203)
- MDL-33808 - format title on the repository instance screen
- MDL-33808 - incorrect cleaning of repository names
Both patches fix CVE-2012-3393.
- MDL-23254 Authentication : used httpswwwroot as root url during
authentication procedure where $PAGE->https_required() is
specified.
Fix CVE-2012-3394
- MDL-27675 - Feedback module abuses data_submitted
Fix CVE-2012-3395
- MDL-34045 fix invalid idnumber field type in cohort form
Fix CVE-2012-3396
- MDL-33466: Group restriction should hide activity even with 'show
availability' option
Fix CVE-2012-3397
Checksums-Sha1:
253a6e36ce75766a0914ec6713ecf5baea34faad 1875 moodle_2.2.3.dfsg-2.1.dsc
f390bc4363e067702767b757b3c6b6fe384bd6bc 28793
moodle_2.2.3.dfsg-2.1.debian.tar.gz
854e2eacb3a1877f9b21b709e2e563c638ce3ce9 16280268 moodle_2.2.3.dfsg-2.1_all.deb
Checksums-Sha256:
b94425a74d55b88ddd621fb32661da145e755617f2b101d66a9a35b37efee7fa 1875
moodle_2.2.3.dfsg-2.1.dsc
d9f249852a9935e53df8d413ada328d08891af326a57761706010bccba741ce8 28793
moodle_2.2.3.dfsg-2.1.debian.tar.gz
f04756a7c4d7c162ade77afc46d1d8ff14ca44f3c00de23c5e37d52b3b437645 16280268
moodle_2.2.3.dfsg-2.1_all.deb
Files:
4cd29843f23e43aaa35f5d2eb47e86fb 1875 web optional moodle_2.2.3.dfsg-2.1.dsc
8794505fe2f73d37f1c7732feb2dd785 28793 web optional
moodle_2.2.3.dfsg-2.1.debian.tar.gz
461f6d5e0956a8f52539bf0d57830c6b 16280268 web optional
moodle_2.2.3.dfsg-2.1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQGcBAEBCAAGBQJQCZ+7AAoJEIvPpx7KFjRV5nkL/jCBPsKDjpC9/ryIHaPDjxt0
3TO/X03z868mYGlJixMj7o2mqeueRHBdYfUxo6Tbaal78B9E5U+MYDmZPMG5TXJW
5usGcjmu2//nwLwwYjPpQEZlnnNKgvgercQuRmikUSpTew4fZcC+Ltm1xqt2oKvV
LiP7PhIRdkx6oXN+kdvC37oSCcEFBrElSpFDxQ2GYUfABKTZypGBYric8WBTUyWZ
f30e11H0mEMrG6AKI9e1e0mjv5y/yVOAIThEj1lzGx06joDG9LOwzR93ZTl1nChK
ypS7IuIdhBro1y60VmqHUnYFEay6/H/PVW8Mb1m2hkQmkblcJACDw0cEEAQlzssr
Dm/Qc1lBiD9eiB4icI054G/xPXvVsj16DVRMYafjDyUZpIW6PzorliEWQt3cOqXI
vz6ranPfBbO3aoitFtTpPbkLR7GdAEofBRN3UxzF2LKwIERAOOWdx2QJE4KQFkkh
XguCIluLJr9ZGLav0G80NcS2zvfmVxVIeJMuZ8G2xQ==
=nVpk
-----END PGP SIGNATURE-----
--- End Message ---
