mahara (1.2.4-1ubuntu0.1) lucid-security; urgency=low
* SECURITY UPDATE: multiple cross-site scripting vulnerabilities - debian/patches/CVE-2010-1667.patch: upstream patch - CVE-2010-1667
* SECURITY UPDATE: multiple cross-site request forgery vulnerabilities - debian/patches/CVE-2010-1668.patch: upstream patch - CVE-2010-1668
* SECURITY UPDATE: SQL injection - debian/patches/CVE-2010-1669.patch: upstream patch - CVE-2010-1669
* SECURITY UPDATE: unsafe auth plugins configuration options - debian/patches/CVE-2010-1670.patch: upstream patch - CVE-2010-1670
* SECURITY UPDATE: IE-only cross-site scripting bug in HTML Purifier - depend on php-htmlpurifier and stop using the bundled version - CVE-2010-2479
mahara (1.2.4-1ubuntu0.1) lucid-security; urgency=low
* SECURITY UPDATE: multiple cross-site scripting vulnerabilities patches/ CVE-2010- 1667.patch: upstream patch
- debian/
- CVE-2010-1667
* SECURITY UPDATE: multiple cross-site request forgery vulnerabilities patches/ CVE-2010- 1668.patch: upstream patch
- debian/
- CVE-2010-1668
* SECURITY UPDATE: SQL injection patches/ CVE-2010- 1669.patch: upstream patch
- debian/
- CVE-2010-1669
* SECURITY UPDATE: unsafe auth plugins configuration options patches/ CVE-2010- 1670.patch: upstream patch
- debian/
- CVE-2010-1670
* SECURITY UPDATE: IE-only cross-site scripting bug in HTML Purifier
- depend on php-htmlpurifier and stop using the bundled version
- CVE-2010-2479