moodle (2.2.6.dfsg-1+lliurex0) precise; urgency=low * Backport from Raring -- Vicente Balaguer Domenech Wed, 03 Jul 2013 14:25:34 +0200 moodle (2.2.6.dfsg-1) unstable; urgency=low * New upstream version: 2.2.6 (Build: 20121112) -- Tomasz Muras Thu, 15 Nov 2012 21:50:13 +0100 moodle (2.2.3.dfsg-2.6) unstable; urgency=low * Non-maintainer upload. * Backport multiple security issues from upstream's MOODLE_22_STABLE branch. - MSA-12-0057: MDL-29872 - Access issue through repository Fixes CVE-2012-5471 - MSA-12-0058: MDL-32785 - Possible form data manipulation issue Fixes CVE-2012-5472 - MSA-12-0059: MDL-34448 - Information leak in Database activity module Fixes CVE-2012-5473 - MSA-12-0061: MDL-33791 - Remote code execution through Portfolio API Fixes CVE-2012-5479 - MSA-12-0062: MDL-35558 - Information leak in Database activity module Fixes CVE-2012-5480 -- Didier Raboud Mon, 12 Nov 2012 10:00:00 +0100 moodle (2.2.3.dfsg-2.5) unstable; urgency=low * Non-maintainer brown-paper bag upload. * Fix the preinst shell syntax to properly drop the left-over symlink in favour of the shipped directory. (Closes: #689506 fo real now) -- Didier Raboud Wed, 31 Oct 2012 08:25:55 +0100 moodle (2.2.3.dfsg-2.4) unstable; urgency=low * Non-maintainer upload. * Drop a left-over symlink in favour of the shipped directory. (Closes: #689506) -- Didier Raboud Sun, 28 Oct 2012 15:01:09 +0100 moodle (2.2.3.dfsg-2.3) unstable; urgency=low * Non-maintainer upload. * Backport multiple security issues from upstream's MOODLE_22_STABLE branch. (Closes: #687924) - MSA-12-0051: MDL-30792 - File upload size constraint issue Fixes CVE-2012-4400 - MSA-12-0052: MDL-28207 - Course topics permission issue Fixes CVE-2012-4401 - MSA-12-0053: MDL-34585 - Blog file access issue Fixes CVE-2012-4407 - MSA-12-0054: MDL-34519 - Course reset permission issue Fixes CVE-2012-4408 - MSA-12-0055: MDL-34368 - Web service access token issue Fixes CVE-2012-4402 -- Didier Raboud Fri, 28 Sep 2012 12:52:21 +0200 moodle (2.2.3.dfsg-2.2) unstable; urgency=low * Non-maintainer upload. * Backport multiple security issues from upstream's MOODLE_22_STABLE branch. (Closes: #682203) - MDL-31692 mod_lti - ensure that various mforms are used properly Fixes CVE-2012-3389 - MDL-33916 Ensure that capabilities are checked for cached user enrolments Fixes CVE-2012-3388 -- Didier Raboud Mon, 23 Jul 2012 19:13:56 +0200 moodle (2.2.3.dfsg-2.1) unstable; urgency=low * Non-maintainer upload. * Backport multiple security issues from upstream's MOODLE_22_STABLE branch (Closes: #682203) - MDL-33808 - format title on the repository instance screen - MDL-33808 - incorrect cleaning of repository names Both patches fix CVE-2012-3393. - MDL-23254 Authentication : used httpswwwroot as root url during authentication procedure where $PAGE->https_required() is specified. Fix CVE-2012-3394 - MDL-27675 - Feedback module abuses data_submitted Fix CVE-2012-3395 - MDL-34045 fix invalid idnumber field type in cohort form Fix CVE-2012-3396 - MDL-33466: Group restriction should hide activity even with 'show availability' option Fix CVE-2012-3397 -- Didier Raboud Fri, 20 Jul 2012 19:52:07 +0200 moodle (2.2.3.dfsg-2) unstable; urgency=low * Don't depend on ucf during purge (closes: #678027) -- Tomasz Muras Thu, 21 Jun 2012 17:31:35 +0200 moodle (2.2.3.dfsg-1) unstable; urgency=high * New upstream version: 2.2.3+ (Build: 20120615) closes: #674163 -- Tomasz Muras Sat, 16 Jun 2012 21:39:12 +0200 moodle (2.2.2.dfsg-2) unstable; urgency=low * Fix path to cron (closes: #669229) -- Tomasz Muras Wed, 18 Apr 2012 19:34:35 +0200 moodle (2.2.2.dfsg-1) unstable; urgency=low * New upstream version: 2.2.2+ (Build: 20120412) closes: #658865,#664260,#647489,#443949,#441013,#505044,#375290 * Updated Standards-Versions to 3.9.3 * Removing Dan from maintainers (thanks for all your work Dan!) -- Tomasz Muras Sun, 15 Apr 2012 13:50:52 -0400 moodle (1.9.9.dfsg2-6) unstable; urgency=high * Backporting security fixes from Moodle 1.9.17 - MSA-12-00013 DB activtity export does not respect groups (CVE-2012-1155, closes: #668411) -- Tomasz Muras Thu, 12 Apr 2012 21:55:48 +0100 moodle (1.9.9.dfsg2-5.1) unstable; urgency=low * Non-maintainer upload. * Fix pending l10n issues. Debconf translations: - Danish (Joe Hansen). Closes: #658747 - Dutch; (Jeroen Schot). Closes: #660243 - Brazilian Portuguese (Adriano Rafael Gomes). Closes: #668092 - Italian (Beatrice Torracca). Closes: #668161 -- Christian Perrier Tue, 10 Apr 2012 07:36:58 +0200 moodle (1.9.9.dfsg2-5) unstable; urgency=high * Backporting security fixes from Moodle 1.9.15 and 1.9.16 (closes: #652235) - MSA-11-0054 Personal information leak - MSA-11-0045 Potential to masquerade through MNet (CVE-2011-4584) - MSA-11-0046 Insecure authentication transmission (CVE-2011-4585) - MSA-11-0047 Possible injection attack in Calendar (CVE-2011-4586) - MSA-11-0048 Password loss issue (CVE-2011-4587) - MSA-11-0049 Network restriction ineffective with MNet (CVE-2011-4588) - MSA-12-0007 Email injection prevention (CVE-2012-0796) - MSA-12-0006 Additional email address validation (CVE-2012-0795) - MSA-12-0005 Encryption enhancement (CVE-2012-0794) - MSA-12-0004 Added profile image security (CVE-2012-0793) - MSA-12-0003 Added password protection - MSA-12-0002 Personal information leak, previously MSA-11-0040 (CVE-2011-4308 and CVE-2012-0792) - MSA-12-0001 Recaptcha transmission consistency issue -- Tomasz Muras Mon, 27 Feb 2012 21:14:48 +0000 moodle (1.9.9.dfsg2-4) unstable; urgency=high * Backporting security fixes from Moodle 1.9.13 and 1.9.14 - MSA-11-0026 Fields in user upload CSV not being escaped (MDL-28360) - MSA-11-0025 Group names in user upload CSV not being escaped (MDL-28197) - MSA-11-0024 Recaptcha images were being authenticated from an older server (MDL-27889) (closes: #638935) - MSA-11-0020 Continue links in error messages can lead offsite (MDL-27464) - MSA-11-0038 Database injection protection strengthened (MDL-29033) - MSA-11-0037 Course section editing injection vulnerability (MDL-28722) - MSA-11-0036 Messaging refresh vulnerability (MDL-29311) - MSA-11-0032 MNET SSL validation issue (MDL-29148) - MSA-11-0031 Forms API constant issue (MDL-23872) * Make sure that smarty & yui symlinks are correct (closes: 603255,614712) -- Tomasz Muras Fri, 28 Oct 2011 13:29:14 +0100 moodle (1.9.9.dfsg2-3) unstable; urgency=high * Backporting security fixes from Moodle 1.9.11 and 1.9.12 - MSA-11-0002 Cross-site request forgery vulnerability in RSS block (MDL-18839) - MSA-11-0003 Cross-site scripting vulnerability in tag autocomplete (MDL-25754) - MSA-11-0008 IMS enterprise enrolment file may disclose sensitive information (MDL-26189) - MSA-11-0011 Multiple cross-site scripting problems in media filter (MDL-26030) - MSA-11-0015 Cross Site Scripting through URL encoding (MDL-26966) - MSA-11-0013 Group/Quiz permissions issue (MDL-25122) -- Tomasz Muras Wed, 18 May 2011 20:57:59 +0100 moodle (1.9.9.dfsg2-2.1) unstable; urgency=low * Non-maintainer upload. * Fix encoding of Swedish debconf translation. -- Christian Perrier Tue, 11 Jan 2011 22:03:44 +0100 moodle (1.9.9.dfsg2-2) unstable; urgency=low * Added Romanian translation * Updated Japanese translation (closes: #596820) * Backporting security fixes from Moodle 1.9.10 (closes: #601384) - Updated embedded CAS to 1.1.3 - Added patch for MDL-24523: clean_text() not filtering text in markdown format - Added patch for MDL-24810 and upgraded customized HTML Purifier to 4.2.0 - Added patch for MDL-24258: students can delete their forum posts later than $CFG->maxeditingtime under certain conditions - Added patch for MDL-23377: Can't delete quiz attempts in course without enrolled students -- Tomasz Muras Sat, 30 Oct 2010 12:19:28 +0100 moodle (1.9.9.dfsg2-1) unstable; urgency=low * Enable HTML purifier by default * Added Janapenese translation (closes: #593808) * Removed from source swf files without a source code and added README.source * Updated bundled HTML purifier library - fix for CVE-2010-2479 (closes: #593301) -- Tomasz Muras Tue, 24 Aug 2010 20:35:29 +0100 moodle (1.9.9.dfsg-1) unstable; urgency=low [ Jonathan Wiltshire ] * Debconf templates and debian/control reviewed by the debian-l10n- english team as part of the Smith review project. Closes: #588871 * Debconf translation updates: - Russian (closes: #589247) - Czech (closes: #589265) - Swedish (closes: #589270) - French (closes: #589510) - German (closes: #590120) - Spanish (closes: #590449) - Portugese (closes: #590556) [ Tomasz Muras ] * New debconf translation - Polish * Removed .swf files as non-free (closes: #591201) * Fixed generation of config.php for postgres (thanks Giles Westwood) -- Tomasz Muras Sun, 15 Aug 2010 21:19:10 +0100 moodle (1.9.9-2) unstable; urgency=low * Fixed JS includes for YUI library (closes: #589612) * Bumped standards version to 3.9.0 * Moved BSD licenses into copyright (fixes lintian warning) * Setting DM-Upload-Allowed as agreed with Xavier Oswald -- Tomasz Muras Thu, 22 Jul 2010 23:23:22 +0100 moodle (1.9.9-1) unstable; urgency=low * Rewritten debian/rules * Removed unnecessary usr/share/moodle/update-notifier * New Upstream Version: 1.9.9 * New upstream fixes CVE-2010-1619 (closes: #585425) * New upstream fixes MSA-10-0011 (closes: #586280) -- Tomasz Muras Wed, 23 Jun 2010 21:00:39 +0100 moodle (1.9.8-1) unstable; urgency=low [Tomasz Muras] * New Maintainer (closes: #581229, #574969). * New Upstream Version (closes: #475535). * Added information about flvplayer to copyright (closes: #526543). * phpCAS XSS vulnerability fixed in mainstream Moodle 1.9.8 (closes: #574757). * Several security issues fixed in upstream (closes: #576189). * Moodle depends on postgresql or MySQL (closes: #551399). * Re-written to use dbconfig-common (closes: #302205). * Updated copyright with two new entires (closes: #526543). * Drop use of wwwconfig (closes: #389502). * Package is now not creating Apache config automatically (closes: #555672). It's up to the user to configure the webserver but package provides the templates. * Added "allow from localhost" (closes: #551402). * Asking for wwwroot during the installation (closes: #302207). * Removing nusoap as it's not necessary for PHP 5 (closes: #529573). [Xavier Oswald] * Add myself as uploader. * Bump Stadards-Version to 3.8.4. * debian/copyright: update with DEP-5 format proposal. * Switch to dpkg-source 3.0 (quilt) format [Francois Marier] * Bump debhelper compatibility to 7 * Add a watch file * debian/control (dependencies) - Depend on libjs-yui instead of yui (renamed after lenny) - Add dependency on unzip - Recommend php5-xmlrpc and aspell - Suggest clamav - Demoted mimetex to recommended * Turn 'dbpersist' on by default in the generated config.php * Include whitespace warning at the end of generated config.php * Set the path to du, unzip and zip * Fix a warning with E_STRICT is turned on -- Xavier Oswald Sun, 20 Jun 2010 16:02:14 +0200 moodle (1.8.2.dfsg-4) unstable; urgency=high * Improve the fix for log URL filtering as suggested by Steffen Joeris (MSA-09-0007 / CVE-2009-0500) * Backport upstream fix for calendar export leakage (MSA-09-0006 / CVE-2009-0501) -- Francois Marier Thu, 12 Feb 2009 17:27:07 +1300 moodle (1.8.2.dfsg-3) unstable; urgency=high * Delete unused (but vulnerable) Spellchecker plugin to htmlarea (MSA-09-0005, CVE-2008-5153) * Hide images of deleted users (MSA-09-0001) * Fix user pix disclosure (MSA-09-0002) * Fix XSS vulnerabilities in HTML blocks (MSA-09-0004) * Fix XSS vulnerabilities in logs (MSA-09-0007) * Fix CSRF vulnerability in forum code (MSA-09-0008) -- Francois Marier Mon, 02 Feb 2009 19:09:10 +1300 moodle (1.8.2.dfsg-2) unstable; urgency=high [ Dan Poltawski ] * Patch SQL injection bug in hotpot module (MSA-08-0010) * Fix XSS bug in logged urls (MDL-11414) * Fix XSS bug in install script (MSA-08-0004) * Fix insufficient access control in Login as feature (MSA-08-0003) * Profiles of deleted users were accessible allowing for spam (MSA-08-0015) * Deficincy in text cleaning functions allowed for XSS (MSA-08-0021) * Fix CSRF in messaging settings (MSA-08-0023) * Fix anonymous group creation and html injection (MDL-11759) * Fix SQL injection bug in mnet (MDL-9288) * Fix SQL injection bug in restore (MDL-11857) * Insufficient cleaning of essay questions (MDL-12079) * Fix insufficient cleaning of PARAM_HOST (MDL-12793) * Fix XSS bug in logged urls (MDL-11414) * Fix uncleaned params in wiki (MDL-14806) [ Francois Marier ] * Update html2text to prevent code execution attacks (closes: #508909) -- Francois Marier Wed, 17 Dec 2008 13:37:10 +1300 moodle (1.8.2.dfsg-1) unstable; urgency=high * Replace html2text with a GPL alternative (closes: #507947) * Fix XSS in the wiki module (CVE-2008-5432, closes: #508593) * Add Dan Poltawski to the uploaders field -- Francois Marier Tue, 16 Dec 2008 20:24:27 +1300 moodle (1.8.2-2) unstable; urgency=high * Adopt orphaned package (closes: #494642) * Acknowledge security NMU (closes: #489533, #432264) * Add Vcs-* fields to debian/control Release-critical and security bugs: * Depend on smarty instead of using the embedded copy that is shipped with Moodle (closes: #471158, #488525, #504345) * Patch security bug in the embedded (and customised) copy of phpmailer (CVE-2007-3215, closes: #429339, #429190) * Patch cross-site scripting bug (CVE-2008-3326, closes: #492492) * Patch snoopy input sanitising (CVE-2008-4796, closes: #504235) * Upgrade to new LGPL version of domxml-php4-to-php5 (closes: #496069) Trivial bug fixes: * Depend on zip (closes: #408995) * Add mysql-client as an alternative to postgresql-client (closes: #417554, #469094) * Recommend php5-ldap (closes: #425839) * Delete unnecessary script with bashisms (closes: #489634) Lintian warnings: * Bump Standards-Version to 3.8.0 * Add homepage field to debian/control * Remove cvsignore file * Remove extra license file * Depend on yui instead of using an embedded copy -- Francois Marier Fri, 07 Nov 2008 08:24:28 +1300 moodle (1.8.2-1.3) unstable; urgency=high * Non-maintainer upload by the Security Team. * Fix broken HTML filtering which could be used to perform XSS attacks, bypass restrictions or possibly execute arbitrary code (CVE-2008-1502; Closes: #489533). -- Nico Golde Sun, 20 Jul 2008 18:07:55 +0200 moodle (1.8.2-1.2ubuntu2) intrepid; urgency=low * SECURITY UPDATE: arbitrary code execution via multiple vectors. - Add CVE-2008-1502.dpatch: upstream KSES lib fixes, thanks to Nico Golde. -- Kees Cook Wed, 22 Oct 2008 14:01:33 -0700 moodle (1.8.2-1.2ubuntu1) intrepid; urgency=low * Merge from debian unstable, remaining changes: - Suggest php5-ldap - Modify Maintainer value to match Debian-Maintainer-Field Spec - debian/postinst ucf fixes - drop use of wwwconfig (database code in postinst stolen from mythtv) -- Oliver Grawert Thu, 01 May 2008 02:19:09 +0100 moodle (1.8.2-1.2) unstable; urgency=low * Non-maintainer upload to fix pending l10n issues. * Debconf translations: - Japanese. Closes: #413105 - Spanish. Closes: #413779 - German. Closes: #415888 - Dutch. Closes: #425711 - Slovak. Closes: #437511 - Brazilian Portuguese. Closes: #437680 - Finnish. Closes: #468212 - Basque. Closes: #470362 - Galician. Closes: #470430 - Vietnamese. Closes: #470602 - Russian. Closes: #470790 * [Lintian] Fix format of NEWS.Debian * [Lintian] Move debconf dependency to Pre-Depends as it is used in the preinst script -- Christian Perrier Fri, 14 Mar 2008 07:33:53 +0100 moodle (1.8.2-1.1) unstable; urgency=low * Non-maintainer upload from the Zurich BSP * Added dependency on postgresql-client (Closes: #431589) -- Tobias Klauser Sat, 12 Jan 2008 17:04:03 +0100 moodle (1.8.2-1ubuntu4) hardy; urgency=low * debian/postinst: ... except we should explicitly pass --debconf-ok to ucf, for compatibility with older versions. -- Steve Langasek Fri, 28 Mar 2008 01:16:24 +0000 moodle (1.8.2-1ubuntu3) hardy; urgency=low * debian/postinst: Only call db_stop after ucf has been run in handle_config(), since ucf itself uses debconf; and drop the "exec 0<&1" workaround which no longer matters. LP: #203844 -- Steve Langasek Fri, 28 Mar 2008 00:37:00 +0000 moodle (1.8.2-1ubuntu2) gutsy; urgency=low * Package changed to avoid use of wwwconfig; borrowed database setup code from Ubuntu mythtv package. -- Matt Oquist Sat, 28 Jul 2007 16:14:18 +0200 moodle (1.8.2-1ubuntu1) gutsy; urgency=low * Merge from Debian unstable. Remaining Ubuntu changes: - Depends on postgresql-client - Suggest php5-ldap - Modify Maintainer value to match Debian-Maintainer-Field Spec -- Vincent Legout Tue, 17 Jul 2007 16:14:18 +0200 moodle (1.8.2-1) unstable; urgency=low * New upstream release, fixes security bug, closes: #432264 -- Isaac Clerencia Mon, 09 Jul 2007 00:24:17 +0200 moodle (1.8.1-1ubuntu1) gutsy; urgency=low * Merge from debian unstable, remaining changes: - Depends on postgresql-client - Suggest php5-ldap - Set apache2 as default in debian/templates - Update Maintainer field in debian/control -- Luca Falavigna Fri, 15 Jun 2007 23:33:55 +0100 moodle (1.8.1-1) unstable; urgency=low * New upstream release * Add php5-curl | php4-curl dependency for the new network features * No longer depend on php4 and apache 1 -- Isaac Clerencia Fri, 15 Jun 2007 14:12:43 +0200 moodle (1.7.2-1ubuntu2) gutsy; urgency=low * Switch back to postgresql-client and postgresql (LP: 110054) * Suggest php5-ldap (LP: 107713) -- Luca Falavigna Sun, 10 Jun 2007 23:56:16 +0200 moodle (1.7.2-1ubuntu1) gutsy; urgency=low * Merge from Debian unstable. Remaining Ubuntu changes: + debian/control: - php5 by default. - Add postgresql-client-8.1 to Depends. - Update Recommends alternate to postgresql-8.1. + debian/templates: Ensure the default corresponds to the install- time dependencies (apache2). * Modify Maintainer value to match Debian-Maintainer-Field Spec -- Arthur Loiret Sun, 3 Jun 2007 20:53:01 +0200 moodle (1.7.2-1) unstable; urgency=low * New upstream release -- Isaac Clerencia Fri, 01 Jun 2007 12:54:59 +0200 moodle (1.7.1-1) experimental; urgency=low * New upstream release -- Isaac Clerencia Wed, 24 Jan 2007 14:21:34 +0100 moodle (1.7+20061215-1) experimental; urgency=low * New upstream release -- Isaac Clerencia Fri, 15 Dec 2006 13:39:14 +0100 moodle (1.6.3-2ubuntu1) feisty; urgency=low * Merge from debian unstable, remaining changes: - debian/control: + php5 by default. + Add postgresql-client-8.1 to Depends. + Update Recommends alternate to postgresql-8.1. - debian/templates: Ensure the default corresponds to the install- time dependencies (apache2). -- Kees Cook Mon, 18 Dec 2006 12:28:27 -0800 moodle (1.6.3-2) unstable; urgency=high * Urgency high as it fixes a security bug and should enter Etch ASAP * Fix security bug in the forum module (discuss.php) -- Isaac Clerencia Thu, 14 Dec 2006 14:14:27 +0100 moodle (1.6.3-1ubuntu1) feisty; urgency=low * Merge from debian unstable. Remaining Ubuntu changes: - debian/control: + php5 by default. + Add postgresql-client-8.1 to Depends. + Update Recommends alternate to postgresql-8.1. - debian/templates: Ensure the default corresponds to the install- time dependencies (apache2). -- Kees Cook Wed, 29 Nov 2006 16:08:37 -0800 moodle (1.6.3-1) unstable; urgency=low * New upstream release -- Isaac Clerencia Thu, 19 Oct 2006 11:37:40 +0200 moodle (1.6.2+20060930-1) unstable; urgency=high * Urgency high because it fixes a critical security hole * New upstream release, closes: #390294, critical security hole * Notify the user if the selected server isn't installed, select apache2 by default instead of apache, closes: #389806 * Add a configuration section for php5 in apache.conf, closes: #387609 -- Isaac Clerencia Sat, 30 Sep 2006 12:14:29 +0100 moodle (1.6.2-1ubuntu1.1) edgy; urgency=low * SECURITY UPDATE: SQL injection vulnerability * Add '01_sql-injection-fix.dpatch': Correctly escape tag options. * References: CVE-2006-5219 http://cvs.moodle.com/blog/index.php?r1=1.18.2.2&r2=1.18.2.3 -- Kees Cook Wed, 11 Oct 2006 15:25:15 -0700 moodle (1.6.2-1ubuntu1) edgy; urgency=low * Merge from Debian unstable. The following Ubuntu changes remain: - debian/control: + Apply patch from Ubuntu #59472 to use php5 (Closes Ubuntu: #59472), + Add postgresql-client-8.1 to Depends (Closes Ubuntu: #51813), + Update Recommends alternate to postgresql-8.1, - debian/templates: Ensure the default corresponds to the install- time dependencies (apache2) so we can avoid the mess that was worked around in dapper-security. -- Daniel T Chen Sat, 23 Sep 2006 22:26:13 -0400 moodle (1.6.2-1) unstable; urgency=low * New upstream release, closes: #387177 * Debconf translation updates/additions: * Czech, closes: #371834 * French, closes: 372713 * Portuguese, closes: #381194 * Install config-dist.php in the documentation directory, closes: #386476 -- Isaac Clerencia Tue, 12 Sep 2006 22:06:34 +0200 moodle (1.6.1+20060825-1) unstable; urgency=low * New upstream release * Moodle neither uses nor plans to use ADODB_Pager, so it's not affected by #360396, but include patch for it anyway, just in case somebody decides to use it out of the blue -- Isaac Clerencia Fri, 25 Aug 2006 08:56:42 +0200 moodle (1.6-2ubuntu1) edgy; urgency=low [ Ubuntu Merge-o-Matic ] * Merge from debian unstable. -- Daniel T Chen Thu, 6 Jul 2006 20:30:30 -0400 moodle (1.6-2) unstable; urgency=low * Fix two problems in preinst, thanks to Jordi Mallach's workmate * Ship cron file in package instead of generating it at postinst -- Isaac Clerencia Mon, 3 Jul 2006 10:25:31 +0200 moodle (1.6-1ubuntu1) edgy; urgency=low * Merge from debian unstable: - Use Debian Sid's packaging save in debian/templates where we need to make sure the default corresponds to the install-time dependencies (apache2) so we can avoid the mess that was worked around in dapper-security. -- Daniel T Chen Fri, 30 Jun 2006 19:21:20 +0100 moodle (1.6-1) unstable; urgency=low * New upstream release, needs newer PHP version, so updated versioned dependencies -- Isaac Clerencia Mon, 19 Jun 2006 18:21:07 +0200 moodle (1.5.4-1) unstable; urgency=low * New upstream release * Depend on ucf * Move debhelper to Build-Depends as it's used in the clean target of debian/rules * Add colons to debconf template short descriptions * Bumped Standard-Versions to 3.7.2, no changes needed -- Isaac Clerencia Tue, 30 May 2006 17:48:11 +0200 moodle (1.5.3+20060206-1) unstable; urgency=low * New package created from 1.5.3+ branch, which includes several bugfixes * Allow moodle to be installed using php5 instead of php4, closes: #351298 * Changed apache | httpd to apache2-mpm-prefork | httpd -- Isaac Clerencia Mon, 6 Feb 2006 09:49:09 +0100 moodle (1.5.3+20060108-2) unstable; urgency=low * Throw cronjob output to /dev/null, closes: #349971 -- Isaac Clerencia Thu, 26 Jan 2006 13:01:58 +0100 moodle (1.5.3+20060108-1ubuntu1) dapper; urgency=low * Resynchronise with Debian. -- Daniel T Chen Mon, 09 Jan 2006 13:49:39 +0000 moodle (1.5.3+20060108-1) unstable; urgency=low * New package created from 1.5.3+ branch, which closes: #346509, a security bug in the ADODB code included in Moodle * Check for /usr/share/moodle/admin/cron.php existence in the cronjob, closes: #342304 * Use php4-cli instead of wget to run the cronjob, closes: #345930 -- Isaac Clerencia Sun, 8 Jan 2006 17:09:57 +0100 moodle (1.5.3-1ubuntu1) dapper; urgency=low * Resynchronise with Debian. -- Stephan Hermann Wed, 28 Dec 2005 18:25:41 +0100 moodle (1.5.3-1) unstable; urgency=low * New upstream release -- Isaac Clerencia Mon, 21 Nov 2005 21:09:21 +0100 moodle (1.5.2-1ubuntu1) breezy; urgency=low * Resync with debian (security update) * changed dependencys to php5 * changed apache dependency to apache2 * References CAN-2005-2247 -- Andrew Mitchell Thu, 13 Oct 2005 02:00:59 +1300 moodle (1.5.2-1) unstable; urgency=low * New upstream release -- Isaac Clerencia Wed, 20 Jul 2005 15:13:41 +0200 moodle (1.5.1-1) unstable; urgency=low * New upstream release -- Isaac Clerencia Tue, 12 Jul 2005 09:50:59 +0200 moodle (1.5-1) unstable; urgency=low * New upstream release * Added Vietnamese debconf translation, closes: #312961 -- Isaac Clerencia Wed, 22 Jun 2005 22:18:26 +0200 moodle (1.4.4.dfsg.1-3) unstable; urgency=high * Urgency high as this upload closes a security bug * Remove admin/delete.php on installation, fixes an important security bug -- Isaac Clerencia Mon, 30 May 2005 20:45:33 +0200 moodle (1.4.4.dfsg.1-2) unstable; urgency=low * Use find | xargs instead of rm to remove old sessions, closes: #300266 -- Isaac Clerencia Fri, 18 Mar 2005 18:47:32 +0100 moodle (1.4.4.dfsg.1-1) unstable; urgency=high * Urgency high as it closes a release critical bug and fixes some security problems * New upstream release * Replaced non-free fonts with free fonts for some languages in the original tarball, closes: #298938 * Set perms for /etc/moodle/config.php to 640 instead of 644, closes: #297237 * Use new option $CFG->respectsessionsettings = true; to clean sessions and remove old sessions from /var/lib/moodle/sessions: closes: #295124 * Added cs.po debconf template translation, closes: #298208 * Remove /var/lib/moodle/ when purging -- Isaac Clerencia Thu, 10 Mar 2005 01:02:48 +0100 moodle (1.4.3-1) unstable; urgency=high * Urgency high as upstream release fixes several security bugs * New upstream release * Write database creation errors and warn the user about it, closes: #285842, #285842 -- Isaac Clerencia Wed, 29 Dec 2004 00:49:52 +0100 moodle (1.4.2-2) unstable; urgency=low * Create user before creating database in postinst -- Isaac Clerencia Tue, 23 Nov 2004 10:55:28 +0100 moodle (1.4.2-1) unstable; urgency=high * New upstream release * Urgency high, as this upstream release closes several security bugs * Added some extra information to README.Debian, thanks to Kevin Coyner * Added apache2 as a choice for autoconfiguration, closes: #275444 -- Isaac Clerencia Wed, 10 Nov 2004 13:18:41 +0100 moodle (1.4.1-2) unstable; urgency=medium * Urgency medium, as it fixes the "default username" problem, which is a www-config bug but affects lots of moodle users * Use moodle as default database username, currently uses www-data which causes www-config to fail to create the database * Enabled Tex math filter and added mimetex in Depends: * Removed an extra line from README.Debian * Removed debian/overrides/ for lintian -- Isaac Clerencia Sun, 24 Oct 2004 12:16:39 +0200 moodle (1.4.1-1) unstable; urgency=low * New upstream release, closes: #270855 * /var/lib/moodle is now owned by www-data, closes: #258283 * Added README.Debian with some hints for database setup, closes: #272553, #270851 -- Isaac Clerencia Sat, 2 Oct 2004 00:37:53 +0200 moodle (1.4-1) unstable; urgency=low * New upstream release, closes: #256218, #256219 * Switched to a file in conf.d instead of an include in http.conf * Added DirectoryIndex index.php to apache.conf file, closes: #247554 -- Isaac Clerencia Tue, 7 Sep 2004 22:07:10 +0200 moodle (1.3.3-1) unstable; urgency=low * New upstream release -- Isaac Clerencia Mon, 19 Jul 2004 11:28:48 +0200 moodle (1.3.2-1) unstable; urgency=low * New upstream release -- Isaac Clerencia Mon, 19 Jul 2004 11:16:45 +0200 moodle (1.3.1-1) unstable; urgency=low * New upstream release, closes: #252693 * Added "exec 0<&1" to postinst to fix hang when ucf asks the user -- Isaac Clerencia Fri, 4 Jun 2004 23:45:37 +0200 moodle (1.2.1-3) unstable; urgency=low * Added a choice to use apache-perl in addition to apache and apache-ssl * Changed back priority to Optional, because no longer depends on php4-gd2 -- Isaac Clerencia Thu, 22 Apr 2004 11:32:40 +0200 moodle (1.2.1-2) unstable; urgency=low * Changed depends on php4-gd2 to php4-gd, closes: #243717 -- Isaac Clerencia Tue, 20 Apr 2004 23:16:47 +0200 moodle (1.2.1-1) unstable; urgency=low * New upstream release * Added ucf for better handling of config files * Changed priority to Extra -- Isaac Clerencia Tue, 30 Mar 2004 22:01:33 +0200 moodle (1.1.1-4) unstable; urgency=low * Added French debconf templates translation, closes: #235572 -- Isaac Clerencia Mon, 1 Mar 2004 12:22:03 +0100 moodle (1.1.1-3) unstable; urgency=low * Fixed debconf stuff by adding POTFILES.in, closes: #233114 Thanks to Martin Quirson. * Fixed bug in config generation that caused passwords including '$' broke the autentication * Removed moodle prefix from some debian/ files * Changed depend on debconf to misc:Depends * Updated version for debhelper build-depend to 4.1.13 -- Isaac Clerencia Tue, 17 Feb 2004 23:55:45 +0100 moodle (1.1.1-2) unstable; urgency=low * Now depends on php4-pgsql or php4-mysql not both * Added recommends for postgresql or mysql-serverl * Added documentation dir * Added wget in Depends: and changed cron.d to use wget * Fixed postinst to put the correct protocol in config.php and cron.d/moodle -- Isaac Clerencia Thu, 27 Nov 2003 23:14:11 +0100 moodle (1.1.1-1) unstable; urgency=low * Initial Debian Release, closes: #222475 -- Isaac Clerencia Thu, 27 Nov 2003 23:14:11 +0100