2010-04-06 10:29:45 |
François Marier |
bug |
|
|
added bug |
2010-04-06 10:29:45 |
François Marier |
attachment added |
|
Patch from upstream http://launchpadlibrarian.net/43234525/mahara_sql_injection.patch |
|
2010-04-06 10:30:16 |
François Marier |
bug task added |
|
mahara |
|
2010-04-06 10:30:54 |
François Marier |
mahara: status |
New |
Fix Released |
|
2010-04-06 10:31:05 |
François Marier |
mahara: importance |
Undecided |
Critical |
|
2010-04-06 10:31:19 |
François Marier |
cve linked |
|
2010-0400 |
|
2010-04-06 10:33:32 |
François Marier |
description |
Binary package hint: mahara
There is an exploitable SQL injection in the code used to generate new usernames.
I will attach here debdiffs for both jaunty and karmic.
For lucid, I will file a separate sync request. |
Binary package hint: mahara
There is an exploitable SQL injection in the code used to generate new usernames.
I will attach here debdiffs for both jaunty and karmic.
For lucid, I will file a separate sync request.
( Also see upstream bug report at https://bugs.launchpad.net/mahara/+bug/534172 and the upstream security advisory at http://mahara.org/interaction/forum/topic.php?id=1713 ) |
|
2010-04-06 10:54:47 |
François Marier |
attachment added |
|
Debdiff for the karmic package http://launchpadlibrarian.net/43236110/karmic_deb.diff |
|
2010-04-06 11:07:08 |
François Marier |
attachment added |
|
Debdiff for the jaunty package http://launchpadlibrarian.net/43236734/jaunty_deb.diff |
|
2010-04-06 12:40:51 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Jaunty |
|
2010-04-06 12:40:51 |
Jamie Strandboge |
bug task added |
|
mahara (Ubuntu Jaunty) |
|
2010-04-06 12:40:51 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Karmic |
|
2010-04-06 12:40:51 |
Jamie Strandboge |
bug task added |
|
mahara (Ubuntu Karmic) |
|
2010-04-06 12:41:08 |
Jamie Strandboge |
nominated for series |
|
Ubuntu Lucid |
|
2010-04-06 12:41:08 |
Jamie Strandboge |
bug task added |
|
mahara (Ubuntu Lucid) |
|
2010-04-06 12:41:58 |
Jamie Strandboge |
mahara (Ubuntu Lucid): status |
New |
Invalid |
|
2010-04-06 12:46:11 |
Jamie Strandboge |
visibility |
private |
public |
|
2010-04-06 12:53:16 |
Jamie Strandboge |
mahara (Ubuntu Jaunty): status |
New |
Confirmed |
|
2010-04-06 12:53:22 |
Jamie Strandboge |
mahara (Ubuntu Jaunty): importance |
Undecided |
High |
|
2010-04-06 12:53:26 |
Jamie Strandboge |
mahara (Ubuntu Karmic): status |
New |
Confirmed |
|
2010-04-06 12:53:31 |
Jamie Strandboge |
mahara (Ubuntu Karmic): importance |
Undecided |
High |
|
2010-04-06 13:16:00 |
Daniel Holbach |
removed subscriber Ubuntu Sponsors for universe |
|
|
|
2010-04-07 13:03:19 |
Launchpad Janitor |
mahara (Ubuntu Karmic): status |
Confirmed |
Fix Released |
|
2010-04-07 13:03:19 |
Launchpad Janitor |
mahara (Ubuntu Jaunty): status |
Confirmed |
Fix Released |
|
2010-04-07 13:11:00 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/jaunty-security/mahara |
|
2010-04-07 13:11:13 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/karmic-security/mahara |
|
2010-05-15 15:24:20 |
Benjamin Drung |
removed subscriber Ubuntu Sponsors Team |
|
|
|