Ubuntu
moodle package

Upgrade Moodle to 1.9.3

Bug #239481 reported by Marcus Malcom
8
Affects Status Importance Assigned to Milestone
moodle (Ubuntu)
Fix Released
Wishlist
Unassigned

Bug Description

Binary package hint: moodle

For hardy, moodle is at 1.8.2 and this is a pretty old release. 1.9.3 is the latest official release (as of 27th Oct 2008).

Description: Ubuntu 8.04.1
Release: 8.04.1
Package: moodle (1.8.2-1ubuntu4)

See original description
Revision history for this message
Ralph Janke (txwikinger) wrote :

Moodle 1.9.1 is not yet uploaded in Debian. When that happens it will be synced in the development release in ubuntu. Then a backport can be requested.

Changed in moodle:
importance: Undecided → Wishlist
RJ Clay (rjclay)
Changed in moodle:
status: New → Confirmed
LumpyCustard (orangelumpycustard)
description: updated
Revision history for this message
Caroline Ford (secretlondon) wrote : Re: [Bug 239481] Re: Upgrade Moodle to 1.9.3

We don't tend to upgrade versions after a release unless it fixes
critical bugs. I think what you are looking for is a backport so that
people who want newer versions can have them but without the risks to
stability and new bugs to everyone.

On 10/27/08, LumpyCustard <email address hidden> wrote:
> ** Summary changed:
>
> - Upgrade Moodle to 1.9.1
> + Upgrade Moodle to 1.9.3
>
> ** Description changed:
>
> Binary package hint: moodle
>
> - For hardy, moodle is at 1.8.2 and this is a pretty old release. 1.9.1 is
> - the latest official release (as of 15th May 2008).
> + For hardy, moodle is at 1.8.2 and this is a pretty old release. 1.9.3 is
> + the latest official release (as of 27th Oct 2008).
>
> Description: Ubuntu 8.04.1
> Release: 8.04.1
> Package: moodle (1.8.2-1ubuntu4)
>
> --
> Upgrade Moodle to 1.9.3
> https://bugs.launchpad.net/bugs/239481
> You received this bug notification because you are a member of Edubuntu
> Bugsquad, which is subscribed to moodle in ubuntu.
>

--
Sent from Google Mail for mobile | mobile.google.com

Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (4.8 KiB)

This bug was fixed in the package moodle - 1.9.4.dfsg-0ubuntu1

---------------
moodle (1.9.4.dfsg-0ubuntu1) jaunty; urgency=low

  * Merge with Debian git (Closes LP: #322961, #239481, #334611):
    - use Ubuntu's smarty lib directory for linking
    - use internal yui library
    - add update-notifier support back in

  [Matt Oquist]
    * renamed prerm script
    * significantly rewrote postinst and other maintainer scripts to improve
      user experience and package maintainability
      (Closes LP: #225662, #325450, #327843, #303078, #234609)

moodle (1.9.4.dfsg-1) UNRELEASED; urgency=low

  * New Upstream Version (closes: #475535, #514284, #515823)
    (added notes/ and tag/ to debian/install)
  * Merge with Ubuntu:
    - drop use of wwwconfig (closes: #389502, #302205)
    - debian/postinst: ucf fixes (fixes a hang)

  * Remove preinst (no more direct upgrades from sarge)
  * Remove PHP4 support from the Apache config file we provide
  * Drop support for apache 1.x and remove from debconf
  * Add swedish debconf translation (closes: #511202)

  * Bump debhelper compatibility to 7
  * Add lintian overrides for known customised libraries
  * Add new license files to delete (lintian warning)
  * Compress the deb with bzip2
  * Add a watch file
  * Update copyright file

  Dependencies:
  * Depend on libjs-yui instead of yui (renamed after lenny)
  * Add dependency on unzip
  * Recommend php5-xmlrpc and aspell
  * Suggest clamav
  * Demoted mimetex to recommended

  Generated config:
  * Turn 'dbpersist' on by default in the generated config.php
  * Include whitespace warning at the end of generated config.php
  * Set the path to du, unzip and zip

moodle (1.8.2.dfsg-4) unstable; urgency=high

  * Improve the fix for log URL filtering as suggested by Steffen Joeris
    (MSA-09-0007 / CVE-2009-0500)
  * Backport upstream fix for calendar export leakage
    (MSA-09-0006 / CVE-2009-0501)

moodle (1.8.2.dfsg-3) unstable; urgency=high

  * Delete unused (but vulnerable) Spellchecker plugin to htmlarea
    (MSA-09-0005, CVE-2008-5153)
  * Hide images of deleted users (MSA-09-0001)
  * Fix user pix disclosure (MSA-09-0002)
  * Fix XSS vulnerabilities in HTML blocks (MSA-09-0004)
  * Fix XSS vulnerabilities in logs (MSA-09-0007)
  * Fix CSRF vulnerability in forum code (MSA-09-0008)

moodle (1.8.2.dfsg-2) unstable; urgency=high

  [ Dan Poltawski ]
  * Patch SQL injection bug in hotpot module (MSA-08-0010)
  * Fix XSS bug in logged urls (MDL-11414)
  * Fix XSS bug in install script (MSA-08-0004)
  * Fix insufficient access control in Login as feature (MSA-08-0003)
  * Profiles of deleted users were accessible allowing for spam (MSA-08-0015)
  * Deficincy in text cleaning functions allowed for XSS (MSA-08-0021)
  * Fix CSRF in messaging settings (MSA-08-0023)
  * Fix anonymous group creation and html injection (MDL-11759)
  * Fix SQL injection bug in mnet (MDL-9288)
  * Fix SQL injection bug in restore (MDL-11857)
  * Insufficient cleaning of essay questions (MDL-12079)
  * Fix insufficient cleaning of PARAM_HOST (MDL-12793)
  * Fix XSS bug in logged urls (MDL-11414)
  * Fix uncleaned params in wiki (MDL-14806)

  [ Francois Marier ]
  * Update ht...

Read more...

Changed in moodle:
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.