Bug 203844 - New version with security fixes available
Summary: New version with security fixes available
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: moodle
Version: rawhide
Hardware: All
OS: Linux
medium
high
Target Milestone: ---
Assignee: Jason Tibbitts
QA Contact: Fedora Extras Quality Assurance
URL: http://docs.moodle.org/en/Release_Not...
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-08-23 23:15 UTC by Till Maas
Modified: 2007-11-30 22:11 UTC (History)
2 users (show)

Fixed In Version: 1.5.4-1
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-08-25 03:29:46 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Till Maas 2006-08-23 23:15:18 UTC
Description of problem:

Fedora Extras contains 1.5.3 but 1.5.4 with security fixes is available.

Comment 1 Till Maas 2006-08-24 00:09:32 UTC
Changelog:

http://docs.moodle.org/en/Release_Notes#Various_fixes

Moodle 1.5.4
21st May, 2006 
(Because this release contains important security fixes, we highly advise that 
sites using any previous version of Moodle upgrade to this version as soon as 
possible.) 

Various fixes
Security 
 Improved kses cleaning of html SC#204 
 Prevent unwanted password change here SC#225 
 Fix for Secunia Advisory SA18267, plus some logging of suspicious activity. 
 AdoDB tests cleanup after Secunia Advisory SA18267 
 Fixed $cfg->forceloginforprofiles logic SC#207. Backported from HEAD

Comment 2 Luke Macken 2006-08-24 19:46:57 UTC
Ignacio has been MIA for quite some time now, so it's best if someone else can
step up and take care of this.

Comment 3 Jason Tibbitts 2006-08-24 19:55:48 UTC
I'm pushing 1.5.4 through the buildsystem now, on the devel branch.  The process
is going quite slowly for some reason.

If the build goes OK, I will set up a basic installation and test that an
upgrade goes smoothly and then push to FC4 and FC5.

Comment 4 Jason Tibbitts 2006-08-25 03:29:46 UTC
I have built 1.5.4 for FC4, FC5 and devel; it should appear on the mirrors with
the next push.


Note You need to log in before you can comment on or make changes to this bug.