Path to this page:
Subject: CVS commit: [pkgsrc-2012Q2] pkgsrc/www/moodle
From: Matthias Scheler
Date: 2012-07-28 14:26:16
Message id: 20120728122616.BE607175DD@cvs.netbsd.org
Log Message:
Pullup ticket #3878 - requested by wen
www/moodle: security update
Revisions pulled up:
- www/moodle/Makefile 1.13
- www/moodle/PLIST 1.10
- www/moodle/distinfo 1.10
---
Module Name: pkgsrc
Committed By: wen
Date: Fri Jul 27 12:44:21 UTC 2012
Modified Files:
pkgsrc/www/moodle: Makefile PLIST distinfo
Log Message:
Update to 2.1.7
Approved by: obache@
Upstream changes:
Highlights
MDL-28557 Group event now appears to teachers, managers and administrators
MDL-33398 MDL-27368 Cron works when course completion is enabled
Functional changes
MDL-24401 Lesson string changes
MDL-33401 Managers can add blocks at the site level
Security issues
MSA-12-0042 File access issue in blocks
MSA-12-0043 Early information access issue in forum
MSA-12-0044 Capability check issue in forum subscriptions
MSA-12-0045 Injection potential in admin for repositories
MSA-12-0046 Insecure protocol redirection in LDAP authentication
MSA-12-0047 SQL injection potential in Feedback module
MSA-12-0048 Possible XSS in cohort administration
MSA-12-0049 Group restricted activity displayed to all users
MSA-12-0050 Potential DOS attack through database activity
Fixes and improvements
MDL-32866 Filemanager in private files now saves changes
MDL-33583 "Keep all" automated backups now works
MDL-33607 Add new wiki page no longer reports error writing to database
MDL-33603 Database activity entries are linked correctly
MDL-26892 Question images not lost during upgrade
MDL-29924 Glossary attachments appear in filter popups
Files: