Your message dated Tue, 25 Dec 2012 14:32:41 +0000 with message-id <e1tnvyf-0000qa...@franck.debian.org> and subject line Bug#695789: fixed in mahara 1.5.1-3.1 has caused the Debian Bug report #695789, regarding CVE-2012-2253 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 695789: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695789 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: mahara Severity: grave Tags: security Hi, CVE-2012-2253 needs to be fixed in Wheezy: https://mahara.org/interaction/forum/topic.php?id=5076 Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: mahara Source-Version: 1.5.1-3.1 We believe that the bug you reported is fixed in the latest version of mahara, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 695...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Luca Falavigna <dktrkr...@debian.org> (supplier of updated mahara package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 23 Dec 2012 14:53:41 +0100 Source: mahara Binary: mahara mahara-apache2 mahara-mediaplayer Architecture: source all Version: 1.5.1-3.1 Distribution: unstable Urgency: high Maintainer: Mahara Packaging Team <mahara-packag...@lists.launchpad.net> Changed-By: Luca Falavigna <dktrkr...@debian.org> Description: mahara - Electronic portfolio, weblog, and resume builder mahara-apache2 - Electronic portfolio, weblog, and resume builder - apache2 config mahara-mediaplayer - Electronic portfolio, weblog, and resume builder - internal media Closes: 695789 Changes: mahara (1.5.1-3.1) unstable; urgency=high . * Non-maintainer upload. * SECURITY UPDATE: Fix a cross-site scripting (XSS) vulnerability which allowed remote attackers to inject arbitrary web script or HTML via the query parameter. - debian/patches/CVE-2012-2253.patch - Closes: #695789 Checksums-Sha1: 0de8ca1bd35767c11ba55392db5da123a5712488 2029 mahara_1.5.1-3.1.dsc 1b17d9dd87daca25bce8e78ce8c1831efc04ffd7 33867 mahara_1.5.1-3.1.debian.tar.gz 0824985331200493cada0a736963fe453abdf84b 2679340 mahara_1.5.1-3.1_all.deb 6e9a38a3d2b2d134c1ebeb88b40046183b310dff 16648 mahara-apache2_1.5.1-3.1_all.deb 9571e7b3e7c66473fca469b855c3e7d114ef5cb5 449354 mahara-mediaplayer_1.5.1-3.1_all.deb Checksums-Sha256: 3e2ac34fa7bf0c9b1d45aa740d56605571bc83c7414a083290bd992719008544 2029 mahara_1.5.1-3.1.dsc 0ff6b9d66ee3898ad63b9f7e71b5381a9b7f62f15602b329526a178053e60f43 33867 mahara_1.5.1-3.1.debian.tar.gz a38b1f310d071bc19fea89b970460b02eb0ea50924b43f798edac80bc4b42f1e 2679340 mahara_1.5.1-3.1_all.deb cd0b6ed1b5ad7f566796337e4ffedb0d170d0010ccd5f219b1355ae68bd9ef66 16648 mahara-apache2_1.5.1-3.1_all.deb ea660236ee06a28f242aa3f2e30f843cbd1b312bf3439b5d50b8ac20322e986b 449354 mahara-mediaplayer_1.5.1-3.1_all.deb Files: c77c70b7819722f8cee9d8fcea746283 2029 web optional mahara_1.5.1-3.1.dsc 88c1e6ba7be0666e4aaba49e03a5ac60 33867 web optional mahara_1.5.1-3.1.debian.tar.gz d8405068f30cfda337cb2f0f8704a90e 2679340 web optional mahara_1.5.1-3.1_all.deb 50cce03a7bdd018a4d72f3531e5aec7f 16648 web optional mahara-apache2_1.5.1-3.1_all.deb cdaebd275a34eed4bf3cf78bb89f13c1 449354 contrib/web optional mahara-mediaplayer_1.5.1-3.1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJQ1w/+AAoJEEkIatPr4vMf36EP/iTBmp1JlQk3WMZ9OnNSrP3l bAsmyTVvFiZ61z9Jq0xf03H2Z4uWQZ3vnHMV/yGXCKvb5y3t8ivBiDVItKP8vw+x +e6zKxOz/IP0diFCEjdIlZcYe23wh/w2JoDLiWKWQbvLmXQWRON0yC/O6kCnHvoi DCp3/F8PniOs6DWo3FWBXaeTuD4rCfpuCnwXXcwKRLMsMjXmGqjeyDIW9o+LQnCb nPm6W9WuVqg1TmscpILpF8ayF2m2uOuUng+Tgf00eABo+o1WFMjW8YXZ0ejXnQ+q 9wGduw11AButgZQZgGCPPhXrs6u41FjlLjAKsvcWbk+KQLDpGt/Pt15dZDD8tjWF 6JjOybcbE7ms1lKzPeMZoLmKgPdkYuJc3lsy0XRCIj7/8JMu5b+t9uPp0BIcHB2q /o6SkPRH47ZlKlwGqN7HxjVRHtbZhV60DfbxAaIlb4u7B7kG1/i8IWMX92qwRkLA VSotziN5kmkX1ksdHhg6NaeoPC/cHbDUAxzHncQSqTY2yxNJLn811LXfQMQbGqCn 7fqISl6UOUtOJMiifF1OcJV4Z4kOcNEjxEXbDbnRXrEAyVYUY5lsREtnbQ1vVp0j jk/o4k3ntIeeiMAs2GcK+bqa2X9QGvF3VVIGi0J5m67DG1IeH9cPt84E9LiVIrD/ tnLlCim3m7+stU0qf30d =deAO -----END PGP SIGNATURE-----
--- End Message ---
