tags 687924 + patch tags 687924 + pending thanks Dear maintainer,
I've prepared an NMU for moodle (versioned as 2.2.3.dfsg-2.3) and uploaded it to DELAYED/1. Please feel free to tell me if I should delay it longer. Regards.
diff -Nru moodle-2.2.3.dfsg/debian/changelog moodle-2.2.3.dfsg/debian/changelog
--- moodle-2.2.3.dfsg/debian/changelog 2012-07-23 19:13:58.000000000 +0200
+++ moodle-2.2.3.dfsg/debian/changelog 2012-09-28 12:58:50.000000000 +0200
@@ -1,3 +1,22 @@
+moodle (2.2.3.dfsg-2.3) unstable; urgency=low
+
+ * Non-maintainer upload.
+
+ * Backport multiple security issues from upstream's MOODLE_22_STABLE
+ branch. (Closes: #687924)
+ - MSA-12-0051: MDL-30792 - File upload size constraint issue
+ Fixes CVE-2012-4400
+ - MSA-12-0052: MDL-28207 - Course topics permission issue
+ Fixes CVE-2012-4401
+ - MSA-12-0053: MDL-34585 - Blog file access issue
+ Fixes CVE-2012-4407
+ - MSA-12-0054: MDL-34519 - Course reset permission issue
+ Fixes CVE-2012-4408
+ - MSA-12-0055: MDL-34368 - Web service access token issue
+ Fixes CVE-2012-4402
+
+ -- Didier Raboud <o...@debian.org> Fri, 28 Sep 2012 12:52:21 +0200
+
 moodle (2.2.3.dfsg-2.2) unstable; urgency=low

 * Non-maintainer upload.
diff -Nru moodle-2.2.3.dfsg/debian/patches/0009-MDL-30792-Files-API-maxbytes-will-be-set-by-get_max_.patch moodle-2.2.3.dfsg/debian/patches/0009-MDL-30792-Files-API-maxbytes-will-be-set-by-get_max_.patch
--- moodle-2.2.3.dfsg/debian/patches/0009-MDL-30792-Files-API-maxbytes-will-be-set-by-get_max_.patch 1970-01-01 01:00:00.000000000 +0100
+++ moodle-2.2.3.dfsg/debian/patches/0009-MDL-30792-Files-API-maxbytes-will-be-set-by-get_max_.patch 2012-09-28 12:58:50.000000000 +0200
@@ -0,0 +1,51 @@
+From ebf253af171efbc5ff3a0074538c85a5edcb2ee2 Mon Sep 17 00:00:00 2001
+From: Rajesh Taneja <raj...@moodle.com>
+Date: Fri, 3 Aug 2012 11:44:20 +0800
+Subject: [PATCH] MDL-30792 Files API: maxbytes will be set by
+ get_max_upload_file_size if less then 0 or greater then max
+ moodle limit
+
+---
+ repository/filepicker.php | 4 ++--
+ repository/repository_ajax.php | 8 ++++++--
+ 2 files changed, 8 insertions(+), 4 deletions(-)
+
+diff --git a/repository/filepicker.php b/repository/filepicker.php
+index 68aee10..610ef13 100644
+--- a/repository/filepicker.php
++++ b/repository/filepicker.php
+@@ -93,9 +93,9 @@ if ($repository = $DB->get_record_sql($sql, array($repo_id))) {
+ }
+ }
+
+-$moodle_maxbytes = get_max_upload_file_size();
++$moodle_maxbytes = get_max_upload_file_size($CFG->maxbytes, $course->maxbytes);
+ // to prevent maxbytes greater than moodle maxbytes setting
+-if ($maxbytes == 0 || $maxbytes>=$moodle_maxbytes) {
++if (($maxbytes <= 0) || ($maxbytes >= $moodle_maxbytes)) {
+ $maxbytes = $moodle_maxbytes;
+ }
+
+diff --git a/repository/repository_ajax.php b/repository/repository_ajax.php
+index b7793c8..b7f76d1 100644
+--- a/repository/repository_ajax.php
++++ b/repository/repository_ajax.php
+@@ -83,9 +83,13 @@ if (!$repository = $DB->get_record_sql($sql, array($repo_id))) {
+ /// Check permissions
+ repository::check_capability($contextid, $repository);
+
+-$moodle_maxbytes = get_max_upload_file_size();
++$coursemaxbytes = 0;
++if (!empty($course)) {
++ $coursemaxbytes = $course->maxbytes;
++}
++$moodle_maxbytes = get_max_upload_file_size($CFG->maxbytes, $coursemaxbytes);
+ // to prevent maxbytes greater than moodle maxbytes setting
+-if ($maxbytes == 0 || $maxbytes>=$moodle_maxbytes) {
++if (($maxbytes <= 0) || ($maxbytes >= $moodle_maxbytes)) {
+ $maxbytes = $moodle_maxbytes;
+ }
+
+--
+1.7.10.4
+
diff -Nru moodle-2.2.3.dfsg/debian/patches/0010-MDL-30792-Files-API-Cleaner-approach-to-get-maxbytes.patch
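Review bot: In the repository/filepicker.php hunk the new call reads `$course->maxbytes` with no guard, while the repository/repository_ajax.php hunk of the same patch treats `$course` as possibly empty and falls back to `$coursemaxbytes = 0`. Where `$course` is loaded lies outside both hunks, so this may be safe, but if filepicker.php can be reached without a course record the upload limit is computed from an unset property. Using the same guard in both entry points keeps them consistent: `$coursemaxbytes = empty($course) ? 0 : $course->maxbytes;`. The retained comment `// to prevent maxbytes greater than moodle maxbytes setting` also no longer describes the new `<= 0` branch and could state that non-positive request values fall back to the site/course limit.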
moodle-2.2.3.dfsg/debian/patches/0010-MDL-30792-Files-API-Cleaner-approach-to-get-maxbytes.patch
--- moodle-2.2.3.dfsg/debian/patches/0010-MDL-30792-Files-API-Cleaner-approach-to-get-maxbytes.patch 1970-01-01 01:00:00.000000000 +0100
+++ moodle-2.2.3.dfsg/debian/patches/0010-MDL-30792-Files-API-Cleaner-approach-to-get-maxbytes.patch 2012-09-28 12:58:50.000000000 +0200
@@ -0,0 +1,74 @@
+From f7c9e3bb18e9e7fa06dff625042bf9572d709d45 Mon Sep 17 00:00:00 2001
+From: Rajesh Taneja <raj...@moodle.com>
+Date: Fri, 3 Aug 2012 11:47:44 +0800
+Subject: [PATCH] MDL-30792 Files API: Cleaner approach to get maxbytes size
+ in filepicker
+
+---
+ lib/moodlelib.php | 6 +++---
+ repository/filepicker.php | 7 ++-----
+ repository/repository_ajax.php | 7 ++-----
+ 3 files changed, 7 insertions(+), 13 deletions(-)
+
+diff --git a/lib/moodlelib.php b/lib/moodlelib.php
+index 465226a..08b34ee 100644
+--- a/lib/moodlelib.php
++++ b/lib/moodlelib.php
+@@ -5728,15 +5728,15 @@ function get_max_upload_file_size($sitebytes=0, $coursebytes=0, $modulebytes=0)
+ }
+ }
+
+- if ($sitebytes and $sitebytes < $minimumsize) {
++ if (($sitebytes > 0) and ($sitebytes < $minimumsize)) {
+ $minimumsize = $sitebytes;
+ }
+
+- if ($coursebytes and $coursebytes < $minimumsize) {
++ if (($coursebytes > 0) and ($coursebytes < $minimumsize)) {
+ $minimumsize = $coursebytes;
+ }
+
+- if ($modulebytes and $modulebytes < $minimumsize) {
++ if (($modulebytes > 0) and ($modulebytes < $minimumsize)) {
+ $minimumsize = $modulebytes;
+ }
+
+diff --git a/repository/filepicker.php b/repository/filepicker.php
+index 610ef13..fa759c5 100644
+--- a/repository/filepicker.php
++++ b/repository/filepicker.php
+@@ -93,11 +93,8 @@ if ($repository = $DB->get_record_sql($sql, array($repo_id))) {
+ }
+ }
+
+-$moodle_maxbytes = get_max_upload_file_size($CFG->maxbytes, $course->maxbytes);
+-// to prevent maxbytes greater than moodle maxbytes setting
+-if (($maxbytes <= 0) || ($maxbytes >= $moodle_maxbytes)) {
+- $maxbytes = $moodle_maxbytes;
+-}
++// Make sure maxbytes passed is within site filesize limits.
++$maxbytes = get_max_upload_file_size($CFG->maxbytes, $coursemaxbytes, $maxbytes);
+
+ $params = array('ctx_id' => $contextid, 'itemid' => $itemid, 'env' => $env, 'course'=>$courseid, 'maxbytes'=>$maxbytes, 'maxfiles'=>$maxfiles, 'subdirs'=>$subdirs, 'sesskey'=>sesskey());
+ $params['action'] = 'browse';
+diff --git a/repository/repository_ajax.php b/repository/repository_ajax.php
+index b7f76d1..f8c9fe5 100644
+--- a/repository/repository_ajax.php
++++ b/repository/repository_ajax.php
+@@ -87,11 +87,8 @@ $coursemaxbytes = 0;
+ if (!empty($course)) {
+ $coursemaxbytes = $course->maxbytes;
+ }
+-$moodle_maxbytes = get_max_upload_file_size($CFG->maxbytes, $coursemaxbytes);
+-// to prevent maxbytes greater than moodle maxbytes setting
+-if (($maxbytes <= 0) || ($maxbytes >= $moodle_maxbytes)) {
+- $maxbytes = $moodle_maxbytes;
+-}
++// Make sure maxbytes passed is within site filesize limits.
++$maxbytes = get_max_upload_file_size($CFG->maxbytes, $coursemaxbytes, $maxbytes);
+
+ /// Wait as long as it takes for this script to finish
+ set_time_limit(0);
+--
+1.7.10.4
+
diff -Nru moodle-2.2.3.dfsg/debian/patches/0011-MDL-28207-Course-Showing-hiding-marking-a-section-re.patch moodle-2.2.3.dfsg/debian/patches/0011-MDL-28207-Course-Showing-hiding-marking-a-section-re.patch
--- moodle-2.2.3.dfsg/debian/patches/0011-MDL-28207-Course-Showing-hiding-marking-a-section-re.patch 1970-01-01 01:00:00.000000000 +0100
+++ moodle-2.2.3.dfsg/debian/patches/0011-MDL-28207-Course-Showing-hiding-marking-a-section-re.patch 2012-09-28 12:58:50.000000000 +0200
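Review bot: The replacement line in repository/filepicker.php passes `$coursemaxbytes`, but no assignment to that variable is visible in any filepicker.php hunk of this series; the previous patch used `$course->maxbytes` there, and only repository_ajax.php sets `$coursemaxbytes`. If the variable is indeed unset at that point, PHP passes null, the new `($coursebytes > 0)` test in get_max_upload_file_size() skips it, and the course-level upload limit is silently not applied in the file picker. Either keep `$course->maxbytes` as the second argument or add the guarded assignment before the call, `$coursemaxbytes = empty($course) ? 0 : $course->maxbytes;`. The rest of filepicker.php is outside the hunk, so this needs checking against the full file.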
@@ -0,0 +1,178 @@ +From 755dac1e2f3d82853ce12c91d36ee01f1b5501e2 Mon Sep 17 00:00:00 2001 +From: Frederic Massart <f...@moodle.com> +Date: Tue, 31 Jul 2012 14:10:05 +0800 +Subject: [PATCH] MDL-28207 Course: Showing/hiding/marking a section respect + capabilities + +--- + course/format/topics/format.php | 46 +++++++++++++++++++++------------------ + course/format/weeks/format.php | 34 ++++++++++++++++------------- + course/rest.php | 5 +++-- + course/view.php | 5 +++-- + 4 files changed, 50 insertions(+), 40 deletions(-) + +diff --git a/course/format/topics/format.php b/course/format/topics/format.php +index b8ce8f2..0c58c4d 100644 +--- a/course/format/topics/format.php ++++ b/course/format/topics/format.php +@@ -186,29 +186,33 @@ while ($section <= $course->numsections) { + '<img src="'.$OUTPUT->pix_url('i/one') . '" class="icon" alt="'.$strshowonlytopic.'" /></a><br />'; + } + +- if ($PAGE->user_is_editing() && has_capability('moodle/course:update', get_context_instance(CONTEXT_COURSE, $course->id))) { +- +- if ($course->marker == $section) { // Show the "light globe" on/off +- echo '<a href="view.php?id='.$course->id.'&marker=0&sesskey='.sesskey().'#section-'.$section.'" title="'.$strmarkedthistopic.'">'.'<img src="'.$OUTPUT->pix_url('i/marked') . '" alt="'.$strmarkedthistopic.'" class="icon"/></a><br />'; +- } else { +- echo '<a href="view.php?id='.$course->id.'&marker='.$section.'&sesskey='.sesskey().'#section-'.$section.'" title="'.$strmarkthistopic.'">'.'<img src="'.$OUTPUT->pix_url('i/marker') . '" alt="'.$strmarkthistopic.'" class="icon"/></a><br />'; +- } +- +- if ($thissection->visible) { // Show the hide/show eye +- echo '<a href="view.php?id='.$course->id.'&hide='.$section.'&sesskey='.sesskey().'#section-'.$section.'" title="'.$strtopichide.'">'. +- '<img src="'.$OUTPUT->pix_url('i/hide') . 
'" class="icon hide" alt="'.$strtopichide.'" /></a><br />'; +- } else { +- echo '<a href="view.php?id='.$course->id.'&show='.$section.'&sesskey='.sesskey().'#section-'.$section.'" title="'.$strtopicshow.'">'. +- '<img src="'.$OUTPUT->pix_url('i/show') . '" class="icon hide" alt="'.$strtopicshow.'" /></a><br />'; ++ $coursecontext = context_course::instance($course->id); ++ if ($PAGE->user_is_editing()) { ++ if (has_capability('moodle/course:setcurrentsection', $coursecontext)) { ++ if ($course->marker == $section) { // Show the "light globe" on/off ++ echo '<a href="view.php?id='.$course->id.'&marker=0&sesskey='.sesskey().'#section-'.$section.'" title="'.$strmarkedthistopic.'">'.'<img src="'.$OUTPUT->pix_url('i/marked') . '" alt="'.$strmarkedthistopic.'" class="icon"/></a><br />'; ++ } else { ++ echo '<a href="view.php?id='.$course->id.'&marker='.$section.'&sesskey='.sesskey().'#section-'.$section.'" title="'.$strmarkthistopic.'">'.'<img src="'.$OUTPUT->pix_url('i/marker') . '" alt="'.$strmarkthistopic.'" class="icon"/></a><br />'; ++ } + } +- if ($section > 1) { // Add a arrow to move section up +- echo '<a href="view.php?id='.$course->id.'&random='.rand(1,10000).'&section='.$section.'&move=-1&sesskey='.sesskey().'#section-'.($section-1).'" title="'.$strmoveup.'">'. +- '<img src="'.$OUTPUT->pix_url('t/up') . '" class="icon up" alt="'.$strmoveup.'" /></a><br />'; ++ if (has_capability('moodle/course:sectionvisibility', $coursecontext)) { ++ if ($thissection->visible) { // Show the hide/show eye ++ echo '<a href="view.php?id='.$course->id.'&hide='.$section.'&sesskey='.sesskey().'#section-'.$section.'" title="'.$strtopichide.'">'. ++ '<img src="'.$OUTPUT->pix_url('i/hide') . '" class="icon hide" alt="'.$strtopichide.'" /></a><br />'; ++ } else { ++ echo '<a href="view.php?id='.$course->id.'&show='.$section.'&sesskey='.sesskey().'#section-'.$section.'" title="'.$strtopicshow.'">'. ++ '<img src="'.$OUTPUT->pix_url('i/show') . 
'" class="icon hide" alt="'.$strtopicshow.'" /></a><br />'; ++ } + } +- +- if ($section < $course->numsections) { // Add a arrow to move section down +- echo '<a href="view.php?id='.$course->id.'&random='.rand(1,10000).'&section='.$section.'&move=1&sesskey='.sesskey().'#section-'.($section+1).'" title="'.$strmovedown.'">'. +- '<img src="'.$OUTPUT->pix_url('t/down') . '" class="icon down" alt="'.$strmovedown.'" /></a><br />'; ++ if (has_capability('moodle/course:update', $coursecontext)) { ++ if ($section > 1) { // Add a arrow to move section up ++ echo '<a href="view.php?id='.$course->id.'&random='.rand(1,10000).'&section='.$section.'&move=-1&sesskey='.sesskey().'#section-'.($section-1).'" title="'.$strmoveup.'">'. ++ '<img src="'.$OUTPUT->pix_url('t/up') . '" class="icon up" alt="'.$strmoveup.'" /></a><br />'; ++ } ++ if ($section < $course->numsections) { // Add a arrow to move section down ++ echo '<a href="view.php?id='.$course->id.'&random='.rand(1,10000).'&section='.$section.'&move=1&sesskey='.sesskey().'#section-'.($section+1).'" title="'.$strmovedown.'">'. ++ '<img src="'.$OUTPUT->pix_url('t/down') . '" class="icon down" alt="'.$strmovedown.'" /></a><br />'; ++ } + } + } + echo '</div>'; +diff --git a/course/format/weeks/format.php b/course/format/weeks/format.php +index c5c78fa..9ae93f1 100644 +--- a/course/format/weeks/format.php ++++ b/course/format/weeks/format.php +@@ -192,22 +192,26 @@ defined('MOODLE_INTERNAL') || die(); + '<img src="'.$OUTPUT->pix_url('i/one') . '" class="icon wkone" alt="'.$strshowonlyweek.'" /></a><br />'; + } + +- if ($PAGE->user_is_editing() && has_capability('moodle/course:update', get_context_instance(CONTEXT_COURSE, $course->id))) { +- if ($thissection->visible) { // Show the hide/show eye +- echo '<a href="view.php?id='.$course->id.'&hide='.$section.'&sesskey='.sesskey().'#section-'.$section.'" title="'.$strweekhide.'">'. +- '<img src="'.$OUTPUT->pix_url('i/hide') . 
'" class="icon hide" alt="'.$strweekhide.'" /></a><br />'; +- } else { +- echo '<a href="view.php?id='.$course->id.'&show='.$section.'&sesskey='.sesskey().'#section-'.$section.'" title="'.$strweekshow.'">'. +- '<img src="'.$OUTPUT->pix_url('i/show') . '" class="icon hide" alt="'.$strweekshow.'" /></a><br />'; +- } +- if ($section > 1) { // Add a arrow to move section up +- echo '<a href="view.php?id='.$course->id.'&random='.rand(1,10000).'&section='.$section.'&move=-1&sesskey='.sesskey().'#section-'.($section-1).'" title="'.$strmoveup.'">'. +- '<img src="'.$OUTPUT->pix_url('t/up') . '" class="icon up" alt="'.$strmoveup.'" /></a><br />'; ++ $coursecontext = context_course::instance($course->id); ++ if ($PAGE->user_is_editing()) { ++ if (has_capability('moodle/course:sectionvisibility', $coursecontext)) { ++ if ($thissection->visible) { // Show the hide/show eye ++ echo '<a href="view.php?id='.$course->id.'&hide='.$section.'&sesskey='.sesskey().'#section-'.$section.'" title="'.$strweekhide.'">'. ++ '<img src="'.$OUTPUT->pix_url('i/hide') . '" class="icon hide" alt="'.$strweekhide.'" /></a><br />'; ++ } else { ++ echo '<a href="view.php?id='.$course->id.'&show='.$section.'&sesskey='.sesskey().'#section-'.$section.'" title="'.$strweekshow.'">'. ++ '<img src="'.$OUTPUT->pix_url('i/show') . '" class="icon hide" alt="'.$strweekshow.'" /></a><br />'; ++ } + } +- +- if ($section < $course->numsections) { // Add a arrow to move section down +- echo '<a href="view.php?id='.$course->id.'&random='.rand(1,10000).'&section='.$section.'&move=1&sesskey='.sesskey().'#section-'.($section+1).'" title="'.$strmovedown.'">'. +- '<img src="'.$OUTPUT->pix_url('t/down') . 
'" class="icon down" alt="'.$strmovedown.'" /></a><br />'; ++ if (has_capability('moodle/course:update', $coursecontext)) { ++ if ($section > 1) { // Add a arrow to move section up ++ echo '<a href="view.php?id='.$course->id.'&random='.rand(1,10000).'&section='.$section.'&move=-1&sesskey='.sesskey().'#section-'.($section-1).'" title="'.$strmoveup.'">'. ++ '<img src="'.$OUTPUT->pix_url('t/up') . '" class="icon up" alt="'.$strmoveup.'" /></a><br />'; ++ } ++ if ($section < $course->numsections) { // Add a arrow to move section down ++ echo '<a href="view.php?id='.$course->id.'&random='.rand(1,10000).'&section='.$section.'&move=1&sesskey='.sesskey().'#section-'.($section+1).'" title="'.$strmovedown.'">'. ++ '<img src="'.$OUTPUT->pix_url('t/down') . '" class="icon down" alt="'.$strmovedown.'" /></a><br />'; ++ } + } + } + echo '</div>'; +diff --git a/course/rest.php b/course/rest.php +index 5125ffb..3f996a7 100644 +--- a/course/rest.php ++++ b/course/rest.php +@@ -78,7 +78,6 @@ switch($requestmethod) { + case 'section': + require_login($course); + $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id); +- require_capability('moodle/course:update', $coursecontext); + + if (!$DB->record_exists('course_sections', array('course'=>$course->id, 'section'=>$id))) { + error_log('AJAX commands.php: Bad Section ID '.$id); +@@ -87,10 +86,12 @@ switch($requestmethod) { + + switch ($field) { + case 'visible': ++ require_capability('moodle/course:sectionvisibility', $coursecontext); + set_section_visible($course->id, $id, $value); + break; + + case 'move': ++ require_capability('moodle/course:update', $coursecontext); + move_section_to($course, $id, $value); + break; + } +@@ -158,7 +159,7 @@ switch($requestmethod) { + case 'marker': + require_login($course); + $coursecontext = get_context_instance(CONTEXT_COURSE, $course->id); +- require_capability('moodle/course:update', $coursecontext); ++ require_capability('moodle/course:setcurrentsection', $coursecontext); + 
course_set_marker($course->id, $value); + break; + } +diff --git a/course/view.php b/course/view.php +index 8b2621f..816265e 100644 +--- a/course/view.php ++++ b/course/view.php +@@ -127,15 +127,16 @@ + } + } + +- if (has_capability('moodle/course:update', $context)) { ++ if (has_capability('moodle/course:sectionvisibility', $context)) { + if ($hide && confirm_sesskey()) { + set_section_visible($course->id, $hide, '0'); + } +- + if ($show && confirm_sesskey()) { + set_section_visible($course->id, $show, '1'); + } ++ } + ++ if (has_capability('moodle/course:update', $context)) { + if (!empty($section)) { + if (!empty($move) and confirm_sesskey()) { + if (move_section($course, $section, $move)) { +-- +1.7.10.4 + diff -Nru moodle-2.2.3.dfsg/debian/patches/0012-MDL-34585-fix-broken-blog-file-access-control.patch moodle-2.2.3.dfsg/debian/patches/0012-MDL-34585-fix-broken-blog-file-access-control.patch --- moodle-2.2.3.dfsg/debian/patches/0012-MDL-34585-fix-broken-blog-file-access-control.patch 1970-01-01 01:00:00.000000000 +0100 +++ moodle-2.2.3.dfsg/debian/patches/0012-MDL-34585-fix-broken-blog-file-access-control.patch 2012-09-28 12:58:50.000000000 +0200 
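Review bot: In course/rest.php the single `require_capability('moodle/course:update', $coursecontext)` that ran before `switch ($field)` is removed and replaced by one check inside each `case`, so the section branch no longer denies by default. With the two visible cases the result is equivalent, but any `$field` value handled later without its own check would be reachable by every user who passes `require_login($course)`. A `default:` arm that rejects unknown fields, or at least a comment above the switch such as `// every case below must call require_capability() itself`, keeps the branch fail-closed. The non-AJAX handler for `marker=` is not part of the topics/format.php or view.php hunks; it should be confirmed to test `moodle/course:setcurrentsection`, so that the link the new code displays and the check behind it agree.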
@@ -0,0 +1,35 @@
+From 43bfb68de9bb2b3f849a1ebded1c2b8e7f738edc Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20S=CC=8Ckoda?= <comm...@skodak.org>
+Date: Tue, 31 Jul 2012 16:02:54 +0200
+Subject: [PATCH] MDL-34585 fix broken blog file access control
+
+---
+ lib/filelib.php | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/lib/filelib.php b/lib/filelib.php
+index 92565f9..ca20cd2 100644
+--- a/lib/filelib.php
++++ b/lib/filelib.php
+@@ -3230,15 +3230,15 @@ function file_pluginfile($relativepath, $forcedownload) {
+ }
+ }
+
+- if ('publishstate' === 'public') {
++ if ($entry->publishstate === 'public') {
+ if ($CFG->forcelogin) {
+ require_login();
+ }
+
+- } else if ('publishstate' === 'site') {
++ } else if ($entry->publishstate === 'site') {
+ require_login();
+ //ok
+- } else if ('publishstate' === 'draft') {
++ } else if ($entry->publishstate === 'draft') {
+ require_login();
+ if ($USER->id != $entry->userid) {
+ send_file_not_found();
+--
+1.7.10.4
+
diff -Nru moodle-2.2.3.dfsg/debian/patches/0013-MDL-34519-Course-reset-not-protected-by-proper-capab.patch moodle-2.2.3.dfsg/debian/patches/0013-MDL-34519-Course-reset-not-protected-by-proper-capab.patch
--- moodle-2.2.3.dfsg/debian/patches/0013-MDL-34519-Course-reset-not-protected-by-proper-capab.patch 1970-01-01 01:00:00.000000000 +0100
+++ moodle-2.2.3.dfsg/debian/patches/0013-MDL-34519-Course-reset-not-protected-by-proper-capab.patch 2012-09-28 12:58:50.000000000 +0200
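Review bot: The corrected `if / else if` chain on `$entry->publishstate` covers `public`, `site` and `draft`, and the visible part has no final `else`, so an entry carrying any other state would reach the code after the chain without `require_login()`. The chain continues past the end of the hunk inside file_pluginfile(), so this may already be handled there; if it is not, a closing `} else { send_file_not_found(); }` makes the access check deny by default. Because the old code compared two string literals and therefore never matched any branch, a regression test that requests a draft entry's attachment as a different user would pin the behaviour this patch restores.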
@@ -0,0 +1,25 @@
+From f4ab33b25ff2013d8334303a06fde1800cd8cce0 Mon Sep 17 00:00:00 2001
+From: Rex Lorenzo <r...@oid.ucla.edu>
+Date: Tue, 24 Jul 2012 12:01:11 -0700
+Subject: [PATCH] MDL-34519 - Course reset not protected by proper capability
+
+---
+ course/reset.php | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/course/reset.php b/course/reset.php
+index cd0a66b..088c203 100644
+--- a/course/reset.php
++++ b/course/reset.php
+@@ -39,7 +39,7 @@ if (!$course = $DB->get_record('course', array('id'=>$id))) {
+ $PAGE->set_url('/course/reset.php', array('id'=>$id));
+
+ require_login($course);
+-require_capability('moodle/course:update', get_context_instance(CONTEXT_COURSE, $course->id));
++require_capability('moodle/course:reset', get_context_instance(CONTEXT_COURSE, $course->id));
+
+ $strreset = get_string('reset');
+ $strresetcourse = get_string('resetcourse');
+--
+1.7.10.4
+
diff -Nru moodle-2.2.3.dfsg/debian/patches/0014-MDL-34368-Fix-broken-query-in-so-tokens-are-correctl.patch moodle-2.2.3.dfsg/debian/patches/0014-MDL-34368-Fix-broken-query-in-so-tokens-are-correctl.patch
--- moodle-2.2.3.dfsg/debian/patches/0014-MDL-34368-Fix-broken-query-in-so-tokens-are-correctl.patch 1970-01-01 01:00:00.000000000 +0100
+++ moodle-2.2.3.dfsg/debian/patches/0014-MDL-34368-Fix-broken-query-in-so-tokens-are-correctl.patch 2012-09-28 12:58:50.000000000 +0200
@@ -0,0 +1,26 @@
+From af6df710114918fbdf51486bbcca8049a2e72cba Mon Sep 17 00:00:00 2001
+From: Nathan Mares <nat...@catalyst-au.net>
+Date: Tue, 17 Jul 2012 19:11:57 +1000
+Subject: [PATCH] MDL-34368: Fix broken query in so tokens are correctly
+ checked against the linked service
+
+---
+ webservice/lib.php | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/webservice/lib.php b/webservice/lib.php
+index 1861513..998edd9 100644
+--- a/webservice/lib.php
++++ b/webservice/lib.php
+@@ -979,7 +979,7 @@ abstract class webservice_zend_server extends webservice_server {
+ FROM {external_services} s
+ JOIN {external_services_functions} sf ON (sf.externalserviceid = s.id AND s.restrictedusers = 1)
+ JOIN {external_services_users} su ON (su.externalserviceid = s.id AND su.userid = :userid)
+- WHERE s.enabled = 1 AND su.validuntil IS NULL OR su.validuntil < :now $wscond2";
++ WHERE s.enabled = 1 AND (su.validuntil IS NULL OR su.validuntil < :now) $wscond2";
+
+ $params = array_merge($params, array('userid'=>$USER->id, 'now'=>time()));
+
+--
+1.7.10.4
+
diff -Nru moodle-2.2.3.dfsg/debian/patches/0015-MDL-34368-fix-another-validuntil-condition.patch moodle-2.2.3.dfsg/debian/patches/0015-MDL-34368-fix-another-validuntil-condition.patch
--- moodle-2.2.3.dfsg/debian/patches/0015-MDL-34368-fix-another-validuntil-condition.patch 1970-01-01 01:00:00.000000000 +0100
+++ moodle-2.2.3.dfsg/debian/patches/0015-MDL-34368-fix-another-validuntil-condition.patch 2012-09-28 12:58:50.000000000 +0200
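Review bot: The grouped condition still compares `su.validuntil < :now`, which for a column named validuntil selects authorisations whose end time is already in the past and excludes those that are still running; the same expression appears in the webservice_base_server query patched by 0015. The added parentheses fix the precedence problem, but the direction of the comparison should be confirmed against how validuntil is written, since neither the schema nor the code that sets it is part of this diff. If the column holds an expiry timestamp, the intended test would be `su.validuntil > :now`, possibly with `su.validuntil = 0` treated as no expiry. `$wscond2` is interpolated into the SQL string; it is built outside the hunk and should only ever contain placeholders, never request data.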
@@ -0,0 +1,25 @@
+From 5678fd4794179522f30ba3993736f827eed5c656 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20S=CC=8Ckoda?= <comm...@skodak.org>
+Date: Wed, 1 Aug 2012 08:30:28 +0200
+Subject: [PATCH] MDL-34368 fix another validuntil condition
+
+---
+ webservice/lib.php | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/webservice/lib.php b/webservice/lib.php
+index 998edd9..4c475da 100644
+--- a/webservice/lib.php
++++ b/webservice/lib.php
+@@ -1458,7 +1458,7 @@ abstract class webservice_base_server extends webservice_server {
+ FROM {external_services} s
+ JOIN {external_services_functions} sf ON (sf.externalserviceid = s.id AND s.restrictedusers = 1 AND sf.functionname = :name2)
+ JOIN {external_services_users} su ON (su.externalserviceid = s.id AND su.userid = :userid)
+- WHERE s.enabled = 1 AND su.validuntil IS NULL OR su.validuntil < :now $wscond2";
++ WHERE s.enabled = 1 AND (su.validuntil IS NULL OR su.validuntil < :now) $wscond2";
+ $params = array_merge($params, array('userid'=>$USER->id, 'name1'=>$function->name, 'name2'=>$function->name, 'now'=>time()));
+
+ $rs = $DB->get_recordset_sql($sql, $params);
+--
+1.7.10.4
+
diff -Nru moodle-2.2.3.dfsg/debian/patches/series moodle-2.2.3.dfsg/debian/patches/series
--- moodle-2.2.3.dfsg/debian/patches/series 2012-07-23 19:11:27.000000000 +0200
+++ moodle-2.2.3.dfsg/debian/patches/series 2012-09-28 13:20:13.000000000 +0200
@@ -6,3 +6,10 @@
 0006-MDL-33808-format-title-on-the-repository-instance-sc.patch
 0007-MDL-31692-mod_lti-ensure-that-various-mforms-are-use.patch
 0008-MDL-33916-Ensure-that-capabilities-are-checked-for-c.patch
+0009-MDL-30792-Files-API-maxbytes-will-be-set-by-get_max_.patch
+0010-MDL-30792-Files-API-Cleaner-approach-to-get-maxbytes.patch
+0011-MDL-28207-Course-Showing-hiding-marking-a-section-re.patch
+0012-MDL-34585-fix-broken-blog-file-access-control.patch
+0013-MDL-34519-Course-reset-not-protected-by-proper-capab.patch
+0014-MDL-34368-Fix-broken-query-in-so-tokens-are-correctl.patch
+0015-MDL-34368-fix-another-validuntil-condition.patch