Re: Please unblock moodle-1.8.2-2
On 2008-11-28 at 23:39:58, Gerfried Fuchs wrote:
> (would be kind to get informations who that team is, too - more out of
> curiosity about size or if those people might really be actively
> interested)
The team currently consists of 4 people involved in the Moodle development
community:
- Dan Poltawski
- Penny Leach
- Mathieu Petit-Clair
and myself
(2 of which are working for a Moodle Partner and one of which is working for
Moodle.com)
> | There are many more open security issues in stable:
> | http://security-tracker.debian.net/tracker/source-package/moodle
Yes, we are very interested in fixing all of these issues in stable as well.
In fact, we have already contacted the security team about an updated
package we have prepared for Etch:
http://git.debian.org/?p=pkg-moodle/moodle-etch.git
(and we found a few other issues without CVE numbers)
> Furthermore, moodle does have aside from smarty also other embedded
> code copies that should had get addressed a long time ago already,
> what's your plan about that?
We have removed a few of those in the latest packages, but most of these
embedded copies unfortunately had to be modified in Moodle for various
reasons.
The Moodle long-term plan is to upstream these customisations as much as
possible. As that happens, we will remove them from the Debian package and
add dependencies to the relevant packages.
Cheers,
Francois
Reply to: