Package: mahara
Severity: grave
Tags: security upstream patch


the following vulnerability was published for mahara.

Arbitrary image download

Upstream bugreport is at [1] and a patch for the 1.5 branch was
commited in [2].

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:


Please adjust the affected versions in the BTS as needed.

p.s.: opening individual bugreports so that the individual bugs/CVE's
      can be tracked separately when closing the bug, since I have not
      verified that these bugs at same time all versions in Debian.


To UNSUBSCRIBE, email to
with a subject of "unsubscribe". Trouble? Contact

Reply via email to