Most relevant is that there is a well known cross-site scripting vulnerability in 1.9.x versions < 1.9.9 (per Debian bug #586280). Hence this is a security issue, not just a question of bugfixes. This has been updated in debian already. I see we do carry some ubuntu-specific patches which have to be reviewed.
** Summary changed: - Moodle needs to be updated to 1.9.9 (currently at 1.9.4) + Please Merge Moodle 1.9.4 in Maverick with Debian Unstable 1.9.9 - active security vulnerability -- Please Merge Moodle 1.9.4 in Maverick with Debian Unstable 1.9.9 - active security vulnerability https://bugs.launchpad.net/bugs/640572 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
