On 07/23/2012 09:02 AM, Didier 'OdyX' Raboud wrote:
Le vendredi, 20 juillet 2012 20.56:21, Tomasz Muras a écrit :
...those are not covered:
MDL-31692 (CVE-2012-3389)
MDL-32126 (CVE-2012-3398)
MDL-33916 (CVE-2012-3388)
MDL-32199 (CVE-2012-3391)
MDL-31460 (CVE-2012-3392)
MDL-32155 (CVE-2012-3390)
We should update your current package & submit it once. Would you like
to update it? (I would be grateful)
I most probably won't have time before Wednesday evening but would be willing
to get those CVE fixed too.
Cool, thanks.
For now, I propose to just let my NMU enter the archive and upload these other
CVE fixes later, no?
Yes.
(By the way, this bug should also be fixed in the moodle version in stable.)
Yes - but there should be only one patch required for 1.9 series:
http://docs.moodle.org/dev/Moodle_1.9.19_release_notes
Tomek
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
