Package: mahara Severity: grave Tags: security upstream patch Hi,
the following vulnerability was published for mahara. CVE-2013-4429[0]: Arbitrary image download Upstream bugreport is at [1] and a patch for the 1.5 branch was commited in [2]. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4429 http://security-tracker.debian.org/tracker/CVE-2013-4429 [1] https://bugs.launchpad.net/mahara/+bug/1211758 [2] http://bazaar.launchpad.net/~mahara-release/mahara/1.5_STABLE/revision/5543 Please adjust the affected versions in the BTS as needed. p.s.: opening individual bugreports so that the individual bugs/CVE's can be tracked separately when closing the bug, since I have not verified that these bugs at same time all versions in Debian. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
