-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 18 Mar 2011 15:51:03 +1300 Source: mahara Binary: mahara mahara-apache2 mahara-mediaplayer Architecture: source all Version: 1.2.6-2+squeeze1 Distribution: stable-security Urgency: high Maintainer: Mahara Packaging Team Changed-By: Francois Marier Description: mahara - Electronic portfolio, weblog, and resume builder mahara-apache2 - Electronic portfolio, weblog, and resume builder - apache2 config mahara-mediaplayer - Electronic portfolio, weblog, and resume builder - internal media Changes: mahara (1.2.6-2+squeeze1) stable-security; urgency=high . * SECURITY UPDATE: cross-site scripting vulnerability - debian/patches/CVE-2011-0439.dpatch: upstream patch - CVE-2011-0439 . * SECURITY UPDATE: possible cross-site request forgery (deleting blogs) - debian/patches/CVE-2011-0440.dpatch: upstream patch - CVE-2011-0440 Checksums-Sha1: 0c374d087b49bd313ca01bfd94b0008f9f8cf112 1962 mahara_1.2.6-2+squeeze1.dsc d498dcb1702106566ea66c0950ca4934978bab64 4469767 mahara_1.2.6.orig.tar.gz 2b223523ab134e26f46c5cd1e21e5cfb022a2dba 24010 mahara_1.2.6-2+squeeze1.debian.tar.gz 3650fe1e7b8bc39beff2b575f5bae5b794a34752 1629066 mahara_1.2.6-2+squeeze1_all.deb c2d84b46b0e8ea37292f25ab0b0bfb35dcee55d8 12418 mahara-apache2_1.2.6-2+squeeze1_all.deb 18d31afacfeffb61a524cf042c1c05e10c6ec204 452210 mahara-mediaplayer_1.2.6-2+squeeze1_all.deb Checksums-Sha256: f3dd956070f8ba94a201dea2d2886b4cd2c2fec5b9c52a75f26ef5cd76c26ef3 1962 mahara_1.2.6-2+squeeze1.dsc cc6a417fd2a346163e8c433a284aefc21c92ceea624b06be9eeb2084af9f8171 4469767 mahara_1.2.6.orig.tar.gz a3d9251a6a073b13ef6445a3a6c73043f61d99febbf023de28081e8cec035c89 24010 mahara_1.2.6-2+squeeze1.debian.tar.gz f3b9adbc205a62ebce8f358df0c0500a3627d20726700aefc88210edad1699cd 1629066 mahara_1.2.6-2+squeeze1_all.deb 3f08f472775dcfbc6991cf4171c2ecc593351c13057447217feafe0f8e03c954 12418 mahara-apache2_1.2.6-2+squeeze1_all.deb 0532c1eeb5e2f494aae784dbd7e6cfd19b8268368ce7a7408da6f7bcaeff58f1 452210 mahara-mediaplayer_1.2.6-2+squeeze1_all.deb Files: 383b15ecda0428354cb4110695f77e80 1962 web optional mahara_1.2.6-2+squeeze1.dsc 84f75ae15d892e96929cdf08e6bab929 4469767 web optional mahara_1.2.6.orig.tar.gz 27e523ccd3142fd298a74b0af8666728 24010 web optional mahara_1.2.6-2+squeeze1.debian.tar.gz 2f2476667969a00344842ea57d299190 1629066 web optional mahara_1.2.6-2+squeeze1_all.deb 2dfbce8e3d6936412f75ba3f3ea46389 12418 web optional mahara-apache2_1.2.6-2+squeeze1_all.deb 07c1dce685458f9a0b11034598b3c5f5 452210 contrib/web optional mahara-mediaplayer_1.2.6-2+squeeze1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJNgssRAAoJEBYoHy4AfJjR22oQAIfv/BTibA4ZgjEQa71qkpyw ziEbv6HGe/U9omJmEO9mURedQE9HpVlE6alb7KQ6gBkptFWiMzsg8MDPQ9PveKYT XNn0Tsevhi6KfTyTQhZPO4DhIbu+UoI/qbKz23noHWXb07qPOsoNEk+ise13TPfM oFBQwt8++MHBJdokhLJ7YSEO7CS9JjU673xYNiMT2ZuQNo82aZ4jaJPazN5I+WZ4 FC0KeORYZs+VoIpGcp1Ks+5Cke0iquxG9hlOaRwkh2/8ITFjSh6JvatjFt9uWels Sv1G5O9m0lkAs3NOOsZVRZlLEdWH5NylYrj2CLzqYroH231fsB+btX3PrU5nW1LI uadwTilfecV34TFXrgm9skYYCkJE678p2B84dt6PzyQmwi8F6n65O+Vf+hUfc8hM HJshB863qwE/eyJZcWU65qnKdyVvOdbfGfdJumAy7AzrnnehPBzkckVSTCicWctA gi/nNnvu/egnKk8tjuXp6u2dMg3a6KYw9SEr6qoS/5nkFG97yDcPOQOLwnnZ1lHu K2+k4K8OePOpHuMF+KxWeM5aoixs39/NppwMdMEpSyE3EomTy3o9TQ7pg4NoOu4e BtYnjLxBZoetzTV/5uA/4PPp2AXY1CEsNUJ6lYYF32NQ300S9lKFxpC4jcqs6glN GK7+jLLDfUX2L8j4Q0uS =/1JW -----END PGP SIGNATURE-----