Comment 17 for bug 676336

This bug was fixed in the package mahara - 1.2.5-2ubuntu0.1

---------------
mahara (1.2.5-2ubuntu0.1) maverick-security; urgency=low

  * SECURITY UPDATE: cross-site scripting vulnerability
    - debian/patches/CVE-2011-0439.dpatch: upstream patch
    - CVE-2011-0439
    - LP: #676336
  * SECURITY UPDATE: possible cross-site request forgery (deleting blogs)
    - debian/patches/CVE-2011-0440.dpatch: upstream patch
    - CVE-2011-0440
 -- Francois Marier <email address hidden> Fri, 25 Mar 2011 16:38:51 +1300