severity 507185 normal
thanks
Hi Steffen,
Thanks for taking the time to find and list all of these third-party
libraries.
We do want to eliminate these as much as possible (the last upload removed
smarty and yui for example [0]) and reduce our time spent fixing security
bugs in third-party software.
Unfortunately, many of these libraries had to be customised in Moodle. For
instance, these ones have documented customisations:
- libphp-snoopy [1]
- libphp-adodb [2]
- libphp-phpmailer [3]
- pclzip [4] (which was missing from your list)
I believe that this one has also been customised but it's not currently
documented:
- tinymce
I hadn't yet seen this one (thanks for the heads up!), but it's not
available in Lenny:
- libmarkdown-php
Finally, I couldn't find Debian packages for these ones, are they in Debian
already?
- domxml-php4-to-php5.php
- kses
Cheers,
Francois
[0]
http://git.debian.org/?p=pkg-moodle/moodle.git;a=blob;f=debian/changelog;hb=lenny
[1]
http://git.catalyst.net.nz/gitweb?p=moodle-r2.git;a=blob;f=lib/snoopy/moodle_readme.txt;hb=cvshead
[2]
http://git.catalyst.net.nz/gitweb?p=moodle-r2.git;a=blob;f=lib/adodb/readme_moodle.txt;hb=cvshead
[3]
http://git.catalyst.net.nz/gitweb?p=moodle-r2.git;a=blob;f=lib/phpmailer/README_MOODLE.txt;hb=cvshead
[4]
http://git.catalyst.net.nz/gitweb?p=moodle-r2.git;a=blob;f=lib/pclzip/readme_moodle.txt;hb=cvshead
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]