Package: mahara Severity: grave Tags: security upstream patch fixed-upstream
Hi, the following vulnerability was published for mahara. CVE-2013-4431[0]: Not checking ownership of blocks before editing them See upstream bugreport[1] which also contain a patch for the 1.5 branch[2]. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4431 http://security-tracker.debian.org/tracker/CVE-2013-4431 [1] https://bugs.launchpad.net/mahara/+bug/1233500 [2] https://bazaar.launchpad.net/~mahara-release/mahara/1.5_STABLE/revision/5542 Please adjust the affected versions in the BTS as needed. Regards, Salvatore _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
