Bug#601865: unblock: moodle/1.9.9.dfsg2-2
On 31/10/10 15:37, Adam D. Barratt wrote: > On Sat, 2010-10-30 at 13:18 +0100, Tomasz Muras wrote: >> Please unblock package moodle >> >> This version contains only updated translations and security >> patches ported from the latest upstream release: 1.9.10. > > Are these: > > + - Added patch for MDL-24523: > + clean_text() not filtering text in markdown format > [...] > + - Added patch for MDL-24258: > + students can delete their forum posts later than $CFG->maxeditingtime > + under certain conditions > + - Added patch for MDL-23377: > + Can't delete quiz attempts in course without enrolled students > > really security fixes? They don't obviously seem to correspond to any > of the items listed on http://moodle.org/security/ ; unfortunately both > the Moodle issue tracker and the archives of the security announcement > list appear to be restricted. That is correct. All those 3 patches are security fixes, although marked as minor by Moodle. I think this is the reason for not putting them on http://moodle.org/security. > (On a side note, embedded libraries suck, particularly when the updates > to them contain loads of whitespace changes and code rearrangement). I know - I have even created a minimal patch but in the end I've dropped it. I think it's safer to create a patch to get in the exactly the same code as upstream library. They know their code much better than I ever will. Tomek -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#601865: unblock: moodle/1.9.9.dfsg2-2
On Sat, 2010-10-30 at 13:18 +0100, Tomasz Muras wrote: > Please unblock package moodle > > This version contains only updated translations and security > patches ported from the latest upstream release: 1.9.10. Are these: + - Added patch for MDL-24523: + clean_text() not filtering text in markdown format [...] + - Added patch for MDL-24258: + students can delete their forum posts later than $CFG->maxeditingtime + under certain conditions + - Added patch for MDL-23377: + Can't delete quiz attempts in course without enrolled students really security fixes? They don't obviously seem to correspond to any of the items listed on http://moodle.org/security/ ; unfortunately both the Moodle issue tracker and the archives of the security announcement list appear to be restricted. (On a side note, embedded libraries suck, particularly when the updates to them contain loads of whitespace changes and code rearrangement). Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#601865: unblock: moodle/1.9.9.dfsg2-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package moodle This version contains only updated translations and security patches ported from the latest upstream release: 1.9.10. unblock moodle/1.9.9.dfsg2-2 -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.32-trunk-686 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
