severity 507185 normal thanks Hi Steffen,
Thanks for taking the time to find and list all of these third-party libraries. We do want to eliminate these as much as possible (the last upload removed smarty and yui for example [0]) and reduce our time spent fixing security bugs in third-party software. Unfortunately, many of these libraries had to be customised in Moodle. For instance, these ones have documented customisations: - libphp-snoopy [1] - libphp-adodb [2] - libphp-phpmailer [3] - pclzip [4] (which was missing from your list) I believe that this one has also been customised but it's not currently documented: - tinymce I hadn't yet seen this one (thanks for the heads up!), but it's not available in Lenny: - libmarkdown-php Finally, I couldn't find Debian packages for these ones, are they in Debian already? - domxml-php4-to-php5.php - kses Cheers, Francois [0] http://git.debian.org/?p=pkg-moodle/moodle.git;a=blob;f=debian/changelog;hb=lenny [1] http://git.catalyst.net.nz/gitweb?p=moodle-r2.git;a=blob;f=lib/snoopy/moodle_readme.txt;hb=cvshead [2] http://git.catalyst.net.nz/gitweb?p=moodle-r2.git;a=blob;f=lib/adodb/readme_moodle.txt;hb=cvshead [3] http://git.catalyst.net.nz/gitweb?p=moodle-r2.git;a=blob;f=lib/phpmailer/README_MOODLE.txt;hb=cvshead [4] http://git.catalyst.net.nz/gitweb?p=moodle-r2.git;a=blob;f=lib/pclzip/readme_moodle.txt;hb=cvshead -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
