Bug 203844

Summary: New version with security fixes available
Product: [Fedora] Fedora Reporter: Till Maas <opensource>
Component: moodleAssignee: Jason Tibbitts <j>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: medium    
Version: rawhideCC: extras-qa, fedora-security-list
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://docs.moodle.org/en/Release_Notes#Various_fixes
Whiteboard:
Fixed In Version: 1.5.4-1 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-08-25 03:29:46 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Till Maas 2006-08-23 23:15:18 UTC 
Description of problem:

Fedora Extras contains 1.5.3 but 1.5.4 with security fixes is available.
Comment 1 Till Maas 2006-08-24 00:09:32 UTC 
Changelog:

http://docs.moodle.org/en/Release_Notes#Various_fixes

Moodle 1.5.4
21st May, 2006 
(Because this release contains important security fixes, we highly advise that 
sites using any previous version of Moodle upgrade to this version as soon as 
possible.) 

Various fixes
Security 
 Improved kses cleaning of html SC#204 
 Prevent unwanted password change here SC#225 
 Fix for Secunia Advisory SA18267, plus some logging of suspicious activity. 
 AdoDB tests cleanup after Secunia Advisory SA18267 
 Fixed $cfg->forceloginforprofiles logic SC#207. Backported from HEAD
Comment 2 Luke Macken 2006-08-24 19:46:57 UTC 
Ignacio has been MIA for quite some time now, so it's best if someone else can
step up and take care of this.
Comment 3 Jason Tibbitts 2006-08-24 19:55:48 UTC 
I'm pushing 1.5.4 through the buildsystem now, on the devel branch.  The process
is going quite slowly for some reason.

If the build goes OK, I will set up a basic installation and test that an
upgrade goes smoothly and then push to FC4 and FC5.
Comment 4 Jason Tibbitts 2006-08-25 03:29:46 UTC 
I have built 1.5.4 for FC4, FC5 and devel; it should appear on the mirrors with
the next push.