This bug was fixed in the package mahara - 1.1.5-1ubuntu1
---------------
mahara (1.1.5-1ubuntu1) lucid; urgency=low
[ Francois Marier ]
* SECURITY UPDATE: privilege escalation (LP: #463082)
- debian/patches/CVE-2009-3298.dpatch: fix from upstream
- CVE-2009-3298
* SECURITY UPDATE: cross-site scripting vulnerability (LP: #463083)
- debian/patches/CVE-2009-3299.dpatch: fix from upstream
- CVE-2009-3299
* Add dpatch support
-- Jamie Strandboge <[email protected]> Wed, 04 Nov 2009 11:29:22
-0600
** Changed in: mahara (Ubuntu Lucid)
Status: Confirmed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-3299
--
privilege escalation for institution admins CVE-2009-3298
https://bugs.launchpad.net/bugs/463082
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
--
universe-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/universe-bugs
