moodle (2.5.3-1) unstable; urgency=low

  * New upstream version: 2.5.3.
    - Incorporates CAS security patch.
    - Fixes security issues CVE-2013-4522, CVE-2013-4523,
      CVE-2013-4524, CVE-2013-4525, CVE-2013-6780.

 -- Thijs Kinkhorst <thijs@debian.org>  Fri, 22 Nov 2013 14:09:51 +0100

moodle (2.5.2-1) unstable; urgency=medium

  * New upstream version: 2.5.2.
    - Incorporates S3 security patch.

 -- Thijs Kinkhorst <thijs@debian.org>  Mon, 09 Sep 2013 15:22:35 +0200

moodle (2.5.1-2) unstable; urgency=low

  * Update debconf translation for
    Swedish, thanks Martin Bagge (closes: #717323);
    Italian, thanks Beatrice Torracca (closes: #717162);
    French, thanks Julien Patriarca (closes: #717548);
    Czech, thanks Michal Simunek (closes: #717550).
  * Add Breaks/Replaces moodle-book; integrated since Moodle 2.3.

 -- Thijs Kinkhorst <thijs@debian.org>  Sun, 04 Aug 2013 17:30:38 +0200

moodle (2.5.1-1) unstable; urgency=low

  * New upstream version: 2.5.1.
    - Fixes security issues:
      CVE-2013-2242 CVE-2013-2243 CVE-2013-2244 CVE-2013-2245
      CVE-2013-2246
  * Depend on apache2 instead of obsolete apache2-mpm-prefork.
  * Use packaged libphp-phpmailer (closes: #429339), adodb,
    HTMLPurifier, PclZip.
  * Update debconf translations, thanks Salvatore Merone, Pietro Tollot,
    Joe Hansen, Yuri Kozlov, Holger Wansing, Américo Monteiro,
    Adriano Rafael Gomes, victory, Michał Kułach.
    (closes: #716972, #716986, #717080, #717108, #717278)

 -- Thijs Kinkhorst <thijs@debian.org>  Fri, 19 Jul 2013 08:52:46 +0200

moodle (2.5-1) unstable; urgency=low

  * New upstream version: 2.5.
    - Removed problematically licenced JSON code (closes: #692626).
    - Fixes security issues:
      CVE-2012-3363, CVE-2012-6098, CVE-2012-6099, CVE-2012-6100,
      CVE-2012-6101, CVE-2012-6103, CVE-2012-6104, CVE-2012-6105,
      CVE-2012-6112, CVE-2013-1829, CVE-2013-1830, CVE-2013-1831,
      CVE-2013-1832, CVE-2013-1833, CVE-2013-1834, CVE-2013-1835,
      CVE-2013-1836, CVE-2013-2080, CVE-2013-2081, CVE-2013-2082,
      CVE-2013-2083 (closes: #702387, #703870).
  * FLV player removed, no need to repack source tarball.
  * Checked for policy 3.9.4, no changes. Updated to debhelper 8.
  * Use xz compression for binary packages.

 -- Thijs Kinkhorst <thijs@debian.org>  Fri, 28 Jun 2013 15:35:53 +0200

moodle (2.2.7.dfsg-1) unstable; urgency=low

  * New upstream version: 2.2.7+ (Build: 20130125)

  * Fix possible security issue for curl in 3rd party libraries:
    * phpCAS (CVE-2012-5583)
    * amazon-s3-php-class (CVE-2012-6087)

 -- Tomasz Muras <nexor1984@gmail.com>  Mon, 28 Jan 2013 17:43:26 +0100

moodle (2.2.6.dfsg-1) unstable; urgency=low

  * New upstream version: 2.2.6 (Build: 20121112)

 -- Tomasz Muras <nexor1984@gmail.com>  Thu, 15 Nov 2012 21:50:13 +0100

moodle (2.2.3.dfsg-2.6) unstable; urgency=low

  * Non-maintainer upload.

  * Backport multiple security issues from upstream's MOODLE_22_STABLE
    branch.
    - MSA-12-0057: MDL-29872 - Access issue through repository
      Fixes CVE-2012-5471
    - MSA-12-0058: MDL-32785 - Possible form data manipulation issue
      Fixes CVE-2012-5472
    - MSA-12-0059: MDL-34448 - Information leak in Database activity module
      Fixes CVE-2012-5473
    - MSA-12-0061: MDL-33791 - Remote code execution through Portfolio API
      Fixes CVE-2012-5479
    - MSA-12-0062: MDL-35558 - Information leak in Database activity module
      Fixes CVE-2012-5480

 -- Didier Raboud <odyx@debian.org>  Mon, 12 Nov 2012 10:00:00 +0100

moodle (2.2.3.dfsg-2.5) unstable; urgency=low

  * Non-maintainer brown-paper bag upload.

  * Fix the preinst shell syntax to properly drop the left-over symlink
    in favour of the shipped directory. (Closes: #689506 fo real now)

 -- Didier Raboud <odyx@debian.org>  Wed, 31 Oct 2012 08:25:55 +0100

moodle (2.2.3.dfsg-2.4) unstable; urgency=low

  * Non-maintainer upload.

  * Drop a left-over symlink in favour of the shipped directory.
   (Closes: #689506)

 -- Didier Raboud <odyx@debian.org>  Sun, 28 Oct 2012 15:01:09 +0100

moodle (2.2.3.dfsg-2.3) unstable; urgency=low

  * Non-maintainer upload.

  * Backport multiple security issues from upstream's MOODLE_22_STABLE
    branch. (Closes: #687924)
    - MSA-12-0051: MDL-30792 - File upload size constraint issue
      Fixes CVE-2012-4400
    - MSA-12-0052: MDL-28207 - Course topics permission issue
      Fixes CVE-2012-4401
    - MSA-12-0053: MDL-34585 - Blog file access issue
      Fixes CVE-2012-4407
    - MSA-12-0054: MDL-34519 - Course reset permission issue
      Fixes CVE-2012-4408
    - MSA-12-0055: MDL-34368 - Web service access token issue
      Fixes CVE-2012-4402

 -- Didier Raboud <odyx@debian.org>  Fri, 28 Sep 2012 12:52:21 +0200

moodle (2.2.3.dfsg-2.2) unstable; urgency=low

  * Non-maintainer upload.

  * Backport multiple security issues from upstream's MOODLE_22_STABLE
    branch. (Closes: #682203)
    - MDL-31692 mod_lti - ensure that various mforms are used properly
      Fixes CVE-2012-3389
    - MDL-33916 Ensure that capabilities are checked for cached user
      enrolments
      Fixes CVE-2012-3388

 -- Didier Raboud <odyx@debian.org>  Mon, 23 Jul 2012 19:13:56 +0200

moodle (2.2.3.dfsg-2.1) unstable; urgency=low

  * Non-maintainer upload.

  * Backport multiple security issues from upstream's MOODLE_22_STABLE
    branch (Closes: #682203)
    - MDL-33808 - format title on the repository instance screen
    - MDL-33808 - incorrect cleaning of repository names
      Both patches fix CVE-2012-3393.
    - MDL-23254 Authentication : used httpswwwroot as root url during
      authentication procedure where $PAGE->https_required() is
      specified.
      Fix CVE-2012-3394
    - MDL-27675 - Feedback module abuses data_submitted
      Fix CVE-2012-3395
    - MDL-34045 fix invalid idnumber field type in cohort form
      Fix CVE-2012-3396
    - MDL-33466: Group restriction should hide activity even with 'show
      availability' option
      Fix CVE-2012-3397

 -- Didier Raboud <odyx@debian.org>  Fri, 20 Jul 2012 19:52:07 +0200

moodle (2.2.3.dfsg-2) unstable; urgency=low

  *  Don't depend on ucf during purge (closes: #678027) 

 -- Tomasz Muras <nexor1984@gmail.com>  Thu, 21 Jun 2012 17:31:35 +0200

moodle (2.2.3.dfsg-1) unstable; urgency=high

  *  New upstream version: 2.2.3+ (Build: 20120615)
     closes: #674163

 -- Tomasz Muras <nexor1984@gmail.com>  Sat, 16 Jun 2012 21:39:12 +0200

moodle (2.2.2.dfsg-2) unstable; urgency=low

  * Fix path to cron (closes: #669229)

 -- Tomasz Muras <nexor1984@gmail.com>  Wed, 18 Apr 2012 19:34:35 +0200

moodle (2.2.2.dfsg-1) unstable; urgency=low

  * New upstream version: 2.2.2+ (Build: 20120412)
    closes: #658865,#664260,#647489,#443949,#441013,#505044,#375290
  * Updated Standards-Versions to 3.9.3
  * Removing Dan from maintainers (thanks for all your work Dan!)

 -- Tomasz Muras <nexor1984@gmail.com>  Sun, 15 Apr 2012 13:50:52 -0400

moodle (1.9.9.dfsg2-6) unstable; urgency=high

  * Backporting security fixes from Moodle 1.9.17
     - MSA-12-00013 DB activtity export does not respect groups
         (CVE-2012-1155, closes: #668411)

 -- Tomasz Muras <nexor1984@gmail.com>  Thu, 12 Apr 2012 21:55:48 +0100

moodle (1.9.9.dfsg2-5.1) unstable; urgency=low

  * Non-maintainer upload.
  * Fix pending l10n issues. Debconf translations:
    - Danish (Joe Hansen).  Closes: #658747
    - Dutch; (Jeroen Schot).  Closes: #660243
    - Brazilian Portuguese (Adriano Rafael Gomes).  Closes: #668092
    - Italian (Beatrice Torracca).  Closes: #668161

 -- Christian Perrier <bubulle@debian.org>  Tue, 10 Apr 2012 07:36:58 +0200

moodle (1.9.9.dfsg2-5) unstable; urgency=high

  * Backporting security fixes from Moodle 1.9.15 and 1.9.16
    (closes: #652235)
     - MSA-11-0054 Personal information leak
     - MSA-11-0045 Potential to masquerade through MNet (CVE-2011-4584)
     - MSA-11-0046 Insecure authentication transmission (CVE-2011-4585)
     - MSA-11-0047 Possible injection attack in Calendar (CVE-2011-4586)
     - MSA-11-0048 Password loss issue (CVE-2011-4587)
     - MSA-11-0049 Network restriction ineffective with MNet (CVE-2011-4588)
     - MSA-12-0007 Email injection prevention (CVE-2012-0796)
     - MSA-12-0006 Additional email address validation (CVE-2012-0795)
     - MSA-12-0005 Encryption enhancement (CVE-2012-0794)
     - MSA-12-0004 Added profile image security (CVE-2012-0793)
     - MSA-12-0003 Added password protection 
     - MSA-12-0002 Personal information leak, previously MSA-11-0040 
       (CVE-2011-4308 and CVE-2012-0792)
     - MSA-12-0001 Recaptcha transmission consistency issue

 -- Tomasz Muras <nexor1984@gmail.com>  Mon, 27 Feb 2012 21:14:48 +0000

moodle (1.9.9.dfsg2-4) unstable; urgency=high

  * Backporting security fixes from Moodle 1.9.13 and 1.9.14
      - MSA-11-0026 Fields in user upload CSV not being escaped (MDL-28360)
      - MSA-11-0025 Group names in user upload CSV not being escaped (MDL-28197)
      - MSA-11-0024 Recaptcha images were being authenticated 
          from an older server (MDL-27889) (closes: #638935)
      - MSA-11-0020 Continue links in error messages can lead offsite (MDL-27464)
      - MSA-11-0038 Database injection protection strengthened (MDL-29033)
      - MSA-11-0037 Course section editing injection vulnerability (MDL-28722)
      - MSA-11-0036 Messaging refresh vulnerability (MDL-29311)
      - MSA-11-0032 MNET SSL validation issue (MDL-29148)
      - MSA-11-0031 Forms API constant issue (MDL-23872)
  * Make sure that smarty & yui symlinks are correct (closes: 603255,614712) 

 -- Tomasz Muras <nexor1984@gmail.com>  Fri, 28 Oct 2011 13:29:14 +0100

moodle (1.9.9.dfsg2-3) unstable; urgency=high

  * Backporting security fixes from Moodle 1.9.11 and 1.9.12
      - MSA-11-0002 Cross-site request forgery vulnerability in RSS block (MDL-18839)
      - MSA-11-0003 Cross-site scripting vulnerability in tag autocomplete (MDL-25754)
      - MSA-11-0008 IMS enterprise enrolment file may disclose sensitive information (MDL-26189)
      - MSA-11-0011 Multiple cross-site scripting problems in media filter (MDL-26030)
      - MSA-11-0015 Cross Site Scripting through URL encoding (MDL-26966)
      - MSA-11-0013 Group/Quiz permissions issue (MDL-25122)

 -- Tomasz Muras <nexor1984@gmail.com>  Wed, 18 May 2011 20:57:59 +0100

moodle (1.9.9.dfsg2-2.1) unstable; urgency=low

  * Non-maintainer upload.
  * Fix encoding of Swedish debconf translation.

 -- Christian Perrier <bubulle@debian.org>  Tue, 11 Jan 2011 22:03:44 +0100

moodle (1.9.9.dfsg2-2) unstable; urgency=low

  * Added Romanian translation
  * Updated Japanese translation (closes: #596820)
  * Backporting security fixes from Moodle 1.9.10 (closes: #601384)
     - Updated embedded CAS to 1.1.3
     - Added patch for MDL-24523:
       clean_text() not filtering text in markdown format
     - Added patch for MDL-24810 and upgraded customized HTML Purifier to 4.2.0 
     - Added patch for MDL-24258:
       students can delete their forum posts later than $CFG->maxeditingtime 
       under certain conditions
     - Added patch for MDL-23377:
       Can't delete quiz attempts in course without enrolled students

 -- Tomasz Muras <nexor1984@gmail.com>  Sat, 30 Oct 2010 12:19:28 +0100

moodle (1.9.9.dfsg2-1) unstable; urgency=low

  * Enable HTML purifier by default
  * Added Janapenese translation (closes: #593808)
  * Removed from source swf files without a source code
    and added README.source
  * Updated bundled HTML purifier library - fix for
    CVE-2010-2479 (closes: #593301) 

 -- Tomasz Muras <nexor1984@gmail.com>  Tue, 24 Aug 2010 20:35:29 +0100

moodle (1.9.9.dfsg-1) unstable; urgency=low

  [ Jonathan Wiltshire ]
  * Debconf templates and debian/control reviewed by the debian-l10n-
    english team as part of the Smith review project. Closes: #588871
  * Debconf translation updates:
     - Russian (closes: #589247)
     - Czech (closes: #589265)
     - Swedish (closes: #589270)
     - French (closes: #589510)
     - German (closes: #590120)
     - Spanish (closes: #590449)
     - Portugese (closes: #590556)

  [ Tomasz Muras ]
  * New debconf translation - Polish 
  * Removed .swf files as non-free (closes: #591201)
  * Fixed generation of config.php for postgres (thanks Giles Westwood)

 -- Tomasz Muras <nexor1984@gmail.com>  Sun, 15 Aug 2010 21:19:10 +0100

moodle (1.9.9-2) unstable; urgency=low

  * Fixed JS includes for YUI library (closes: #589612)
  * Bumped standards version to 3.9.0
  * Moved BSD licenses into copyright (fixes lintian warning)
  * Setting DM-Upload-Allowed as agreed with Xavier Oswald <xoswald@debian.org>

 -- Tomasz Muras <nexor1984@gmail.com>  Thu, 22 Jul 2010 23:23:22 +0100

moodle (1.9.9-1) unstable; urgency=low

  * Rewritten debian/rules 
  * Removed unnecessary usr/share/moodle/update-notifier 
  * New Upstream Version: 1.9.9
  * New upstream fixes CVE-2010-1619 (closes: #585425)
  * New upstream fixes MSA-10-0011 (closes: #586280)

 -- Tomasz Muras <nexor1984@gmail.com>  Wed, 23 Jun 2010 21:00:39 +0100

moodle (1.9.8-1) unstable; urgency=low

  [Tomasz Muras]
  * New Maintainer (closes: #581229, #574969).
  * New Upstream Version (closes: #475535).
  * Added information about flvplayer to copyright (closes: #526543).
  * phpCAS XSS vulnerability fixed in mainstream Moodle 1.9.8 (closes: #574757).
  * Several security issues fixed in upstream (closes: #576189).
  * Moodle depends on postgresql or MySQL (closes: #551399).
  * Re-written to use dbconfig-common (closes: #302205).
  * Updated copyright with two new entires (closes: #526543).
  * Drop use of wwwconfig (closes: #389502).
  * Package is now not creating Apache config automatically (closes: #555672).
    It's up to the user to configure the webserver but package provides the
    templates.
  * Added "allow from localhost" (closes: #551402).
  * Asking for wwwroot during the installation (closes: #302207).
  * Removing nusoap as it's not necessary for PHP 5 (closes: #529573).

  [Xavier Oswald]
  * Add myself as uploader.
  * Bump Stadards-Version to 3.8.4.
  * debian/copyright: update with DEP-5 format proposal.
  * Switch to dpkg-source 3.0 (quilt) format

  [Francois Marier]
  * Bump debhelper compatibility to 7
  * Add a watch file
  * debian/control (dependencies)
    - Depend on libjs-yui instead of yui (renamed after lenny)
    - Add dependency on unzip
    - Recommend php5-xmlrpc and aspell
    - Suggest clamav
    - Demoted mimetex to recommended
  * Turn 'dbpersist' on by default in the generated config.php
  * Include whitespace warning at the end of generated config.php
  * Set the path to du, unzip and zip
  * Fix a warning with E_STRICT is turned on

 -- Xavier Oswald <xoswald@debian.org>  Sun, 20 Jun 2010 16:02:14 +0200

moodle (1.8.2.dfsg-4) unstable; urgency=high

  * Improve the fix for log URL filtering as suggested by Steffen Joeris
    (MSA-09-0007 / CVE-2009-0500)
  * Backport upstream fix for calendar export leakage
    (MSA-09-0006 / CVE-2009-0501)

 -- Francois Marier <francois@debian.org>  Thu, 12 Feb 2009 17:27:07 +1300

moodle (1.8.2.dfsg-3) unstable; urgency=high

  * Delete unused (but vulnerable) Spellchecker plugin to htmlarea
    (MSA-09-0005, CVE-2008-5153)
  * Hide images of deleted users (MSA-09-0001)
  * Fix user pix disclosure (MSA-09-0002)
  * Fix XSS vulnerabilities in HTML blocks (MSA-09-0004)
  * Fix XSS vulnerabilities in logs (MSA-09-0007)
  * Fix CSRF vulnerability in forum code (MSA-09-0008)

 -- Francois Marier <francois@debian.org>  Mon, 02 Feb 2009 19:09:10 +1300

moodle (1.8.2.dfsg-2) unstable; urgency=high

  [ Dan Poltawski ]
  * Patch SQL injection bug in hotpot module (MSA-08-0010)
  * Fix XSS bug in logged urls (MDL-11414)
  * Fix XSS bug in install script (MSA-08-0004)
  * Fix insufficient access control in Login as feature (MSA-08-0003)
  * Profiles of deleted users were accessible allowing for spam (MSA-08-0015)
  * Deficincy in text cleaning functions allowed for XSS (MSA-08-0021)
  * Fix CSRF in messaging settings (MSA-08-0023)
  * Fix anonymous group creation and html injection (MDL-11759)
  * Fix SQL injection bug in mnet (MDL-9288)
  * Fix SQL injection bug in restore (MDL-11857)
  * Insufficient cleaning of essay questions (MDL-12079)
  * Fix insufficient cleaning of PARAM_HOST (MDL-12793)
  * Fix XSS bug in logged urls (MDL-11414)
  * Fix uncleaned params in wiki (MDL-14806)

  [ Francois Marier ]
  * Update html2text to prevent code execution attacks (closes: #508909)

 -- Francois Marier <francois@debian.org>  Wed, 17 Dec 2008 13:37:10 +1300

moodle (1.8.2.dfsg-1) unstable; urgency=high

  * Replace html2text with a GPL alternative (closes: #507947)
  * Fix XSS in the wiki module (CVE-2008-5432, closes: #508593)
  * Add Dan Poltawski to the uploaders field

 -- Francois Marier <francois@debian.org>  Tue, 16 Dec 2008 20:24:27 +1300

moodle (1.8.2-2) unstable; urgency=high

  * Adopt orphaned package (closes: #494642)
  * Acknowledge security NMU (closes: #489533, #432264)
  * Add Vcs-* fields to debian/control

  Release-critical and security bugs:
 
  * Depend on smarty instead of using the embedded copy that is shipped
    with Moodle (closes: #471158, #488525, #504345)
  * Patch security bug in the embedded (and customised) copy of phpmailer
    (CVE-2007-3215, closes: #429339, #429190)
  * Patch cross-site scripting bug (CVE-2008-3326, closes: #492492)
  * Patch snoopy input sanitising (CVE-2008-4796, closes: #504235)
  * Upgrade to new LGPL version of domxml-php4-to-php5 (closes: #496069)

  Trivial bug fixes:

  * Depend on zip (closes: #408995)
  * Add mysql-client as an alternative to postgresql-client
    (closes: #417554, #469094)
  * Recommend php5-ldap (closes: #425839)
  * Delete unnecessary script with bashisms (closes: #489634)

  Lintian warnings:

  * Bump Standards-Version to 3.8.0
  * Add homepage field to debian/control
  * Remove cvsignore file
  * Remove extra license file
  * Depend on yui instead of using an embedded copy

 -- Francois Marier <francois@debian.org>  Fri, 07 Nov 2008 08:24:28 +1300

moodle (1.8.2-1.3) unstable; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fix broken HTML filtering which could be used to perform XSS attacks,
    bypass restrictions or possibly execute arbitrary code
    (CVE-2008-1502; Closes: #489533).

 -- Nico Golde <nion@debian.org>  Sun, 20 Jul 2008 18:07:55 +0200

moodle (1.8.2-1.2ubuntu2) intrepid; urgency=low

  * SECURITY UPDATE: arbitrary code execution via multiple vectors.
    - Add CVE-2008-1502.dpatch: upstream KSES lib fixes, thanks to Nico Golde.

 -- Kees Cook <kees@ubuntu.com>  Wed, 22 Oct 2008 14:01:33 -0700

moodle (1.8.2-1.2ubuntu1) intrepid; urgency=low

  * Merge from debian unstable, remaining changes:
    - Suggest php5-ldap
    - Modify Maintainer value to match Debian-Maintainer-Field Spec
    - debian/postinst ucf fixes
    - drop use of wwwconfig (database code in postinst stolen from mythtv)

 -- Oliver Grawert <ogra@ubuntu.com>  Thu, 01 May 2008 02:19:09 +0100

moodle (1.8.2-1.2) unstable; urgency=low

  * Non-maintainer upload to fix pending l10n issues.
  * Debconf translations:
    - Japanese. Closes: #413105
    - Spanish. Closes: #413779
    - German. Closes: #415888
    - Dutch. Closes: #425711
    - Slovak. Closes: #437511
    - Brazilian Portuguese. Closes: #437680
    - Finnish. Closes: #468212
    - Basque. Closes: #470362
    - Galician. Closes: #470430
    - Vietnamese. Closes: #470602
    - Russian. Closes: #470790
  * [Lintian] Fix format of NEWS.Debian
  * [Lintian] Move debconf dependency to Pre-Depends as it is used
    in the preinst script

 -- Christian Perrier <bubulle@debian.org>  Fri, 14 Mar 2008 07:33:53 +0100

moodle (1.8.2-1.1) unstable; urgency=low

  * Non-maintainer upload from the Zurich BSP
  * Added dependency on postgresql-client (Closes: #431589)

 -- Tobias Klauser <tklauser@access.unizh.ch>  Sat, 12 Jan 2008 17:04:03 +0100

moodle (1.8.2-1ubuntu4) hardy; urgency=low

  * debian/postinst: ... except we should explicitly pass --debconf-ok
    to ucf, for compatibility with older versions.

 -- Steve Langasek <steve.langasek@ubuntu.com>  Fri, 28 Mar 2008 01:16:24 +0000

moodle (1.8.2-1ubuntu3) hardy; urgency=low

  * debian/postinst: Only call db_stop after ucf has been run in
    handle_config(), since ucf itself uses debconf; and drop the
    "exec 0<&1" workaround which no longer matters. LP: #203844

 -- Steve Langasek <steve.langasek@ubuntu.com>  Fri, 28 Mar 2008 00:37:00 +0000

moodle (1.8.2-1ubuntu2) gutsy; urgency=low

  * Package changed to avoid use of wwwconfig; borrowed database setup code
    from Ubuntu mythtv package.

 -- Matt Oquist <moquist@majen.net>  Sat, 28 Jul 2007 16:14:18 +0200

moodle (1.8.2-1ubuntu1) gutsy; urgency=low

  * Merge from Debian unstable. Remaining Ubuntu changes:
    - Depends on postgresql-client
    - Suggest php5-ldap
    - Modify Maintainer value to match Debian-Maintainer-Field Spec

 -- Vincent Legout <bixente44@gmail.com>  Tue, 17 Jul 2007 16:14:18 +0200

moodle (1.8.2-1) unstable; urgency=low

  * New upstream release, fixes security bug, closes: #432264

 -- Isaac Clerencia <isaac@debian.org>  Mon, 09 Jul 2007 00:24:17 +0200

moodle (1.8.1-1ubuntu1) gutsy; urgency=low

  * Merge from debian unstable, remaining changes:
    - Depends on postgresql-client
    - Suggest php5-ldap
    - Set apache2 as default in debian/templates
    - Update Maintainer field in debian/control

 -- Luca Falavigna <dktrkranz@ubuntu.com>  Fri, 15 Jun 2007 23:33:55 +0100

moodle (1.8.1-1) unstable; urgency=low

  * New upstream release
  * Add php5-curl | php4-curl dependency for the new network features
  * No longer depend on php4 and apache 1

 -- Isaac Clerencia <isaac@debian.org>  Fri, 15 Jun 2007 14:12:43 +0200

moodle (1.7.2-1ubuntu2) gutsy; urgency=low

  * Switch back to postgresql-client and postgresql (LP: 110054)
  * Suggest php5-ldap (LP: 107713)

 -- Luca Falavigna <dktrkranz@ubuntu.com>  Sun, 10 Jun 2007 23:56:16 +0200

moodle (1.7.2-1ubuntu1) gutsy; urgency=low

  * Merge from Debian unstable. Remaining Ubuntu changes:
    + debian/control:
      - php5 by default.
      - Add postgresql-client-8.1 to Depends.
      - Update Recommends alternate to postgresql-8.1.
    + debian/templates: Ensure the default corresponds to the install-
      time dependencies (apache2).
  * Modify Maintainer value to match Debian-Maintainer-Field Spec

 -- Arthur Loiret <freacky22527@free.fr>  Sun,  3 Jun 2007 20:53:01 +0200

moodle (1.7.2-1) unstable; urgency=low

  * New upstream release

 -- Isaac Clerencia <isaac@debian.org>  Fri, 01 Jun 2007 12:54:59 +0200

moodle (1.7.1-1) experimental; urgency=low

  * New upstream release

 -- Isaac Clerencia <isaac@debian.org>  Wed, 24 Jan 2007 14:21:34 +0100

moodle (1.7+20061215-1) experimental; urgency=low

  * New upstream release

 -- Isaac Clerencia <isaac@debian.org>  Fri, 15 Dec 2006 13:39:14 +0100

moodle (1.6.3-2ubuntu1) feisty; urgency=low

  * Merge from debian unstable, remaining changes:
    - debian/control:
      + php5 by default.
      + Add postgresql-client-8.1 to Depends.
      + Update Recommends alternate to postgresql-8.1.
    - debian/templates: Ensure the default corresponds to the install-
      time dependencies (apache2).

 -- Kees Cook <kees@ubuntu.com>  Mon, 18 Dec 2006 12:28:27 -0800

moodle (1.6.3-2) unstable; urgency=high

  * Urgency high as it fixes a security bug and should enter Etch ASAP
  * Fix security bug in the forum module (discuss.php)

 -- Isaac Clerencia <isaac@debian.org>  Thu, 14 Dec 2006 14:14:27 +0100

moodle (1.6.3-1ubuntu1) feisty; urgency=low

  * Merge from debian unstable.  Remaining Ubuntu changes:
    - debian/control:
      + php5 by default.
      + Add postgresql-client-8.1 to Depends.
      + Update Recommends alternate to postgresql-8.1.
    - debian/templates: Ensure the default corresponds to the install-
      time dependencies (apache2).

 -- Kees Cook <kees@ubuntu.com>  Wed, 29 Nov 2006 16:08:37 -0800

moodle (1.6.3-1) unstable; urgency=low

  * New upstream release

 -- Isaac Clerencia <isaac@debian.org>  Thu, 19 Oct 2006 11:37:40 +0200

moodle (1.6.2+20060930-1) unstable; urgency=high

  * Urgency high because it fixes a critical security hole
  * New upstream release, closes: #390294, critical security hole
  * Notify the user if the selected server isn't installed, select apache2
    by default instead of apache, closes: #389806
  * Add a configuration section for php5 in apache.conf, closes: #387609

 -- Isaac Clerencia <isaac@debian.org>  Sat, 30 Sep 2006 12:14:29 +0100

moodle (1.6.2-1ubuntu1.1) edgy; urgency=low

  * SECURITY UPDATE: SQL injection vulnerability
  * Add '01_sql-injection-fix.dpatch': Correctly escape tag options.
  * References:
    CVE-2006-5219
    http://cvs.moodle.com/blog/index.php?r1=1.18.2.2&r2=1.18.2.3

 -- Kees Cook <kees@ubuntu.com>  Wed, 11 Oct 2006 15:25:15 -0700

moodle (1.6.2-1ubuntu1) edgy; urgency=low

  * Merge from Debian unstable. The following Ubuntu changes remain:
    - debian/control:
      + Apply patch from Ubuntu #59472 to use php5
        (Closes Ubuntu: #59472),
      + Add postgresql-client-8.1 to Depends (Closes Ubuntu: #51813),
      + Update Recommends alternate to postgresql-8.1,
    - debian/templates: Ensure the default corresponds to the install-
      time dependencies (apache2) so we can avoid the mess that was
      worked around in dapper-security.

 -- Daniel T Chen <crimsun@ubuntu.com>  Sat, 23 Sep 2006 22:26:13 -0400

moodle (1.6.2-1) unstable; urgency=low

  * New upstream release, closes: #387177
  * Debconf translation updates/additions:
    * Czech, closes: #371834
    * French, closes: 372713
    * Portuguese, closes: #381194
  * Install config-dist.php in the documentation directory, closes: #386476

 -- Isaac Clerencia <isaac@debian.org>  Tue, 12 Sep 2006 22:06:34 +0200

moodle (1.6.1+20060825-1) unstable; urgency=low

  * New upstream release
  * Moodle neither uses nor plans to use ADODB_Pager, so it's not affected by
    #360396, but include patch for it anyway, just in case somebody decides to
    use it out of the blue

 -- Isaac Clerencia <isaac@debian.org>  Fri, 25 Aug 2006 08:56:42 +0200

moodle (1.6-2ubuntu1) edgy; urgency=low

  [ Ubuntu Merge-o-Matic ]
  * Merge from debian unstable.

 -- Daniel T Chen <crimsun@ubuntu.com>  Thu,  6 Jul 2006 20:30:30 -0400

moodle (1.6-2) unstable; urgency=low

  * Fix two problems in preinst, thanks to Jordi Mallach's workmate
  * Ship cron file in package instead of generating it at postinst

 -- Isaac Clerencia <isaac@debian.org>  Mon,  3 Jul 2006 10:25:31 +0200

moodle (1.6-1ubuntu1) edgy; urgency=low

  * Merge from debian unstable:
    - Use Debian Sid's packaging save in debian/templates where we need
      to make sure the default corresponds to the install-time
      dependencies (apache2) so we can avoid the mess that was worked
      around in dapper-security.

 -- Daniel T Chen <crimsun@ubuntu.com>  Fri, 30 Jun 2006 19:21:20 +0100

moodle (1.6-1) unstable; urgency=low

  * New upstream release, needs newer PHP version, so updated versioned
    dependencies

 -- Isaac Clerencia <isaac@debian.org>  Mon, 19 Jun 2006 18:21:07 +0200

moodle (1.5.4-1) unstable; urgency=low

  * New upstream release
  * Depend on ucf
  * Move debhelper to Build-Depends as it's used in the clean target of
    debian/rules
  * Add colons to debconf template short descriptions
  * Bumped Standard-Versions to 3.7.2, no changes needed

 -- Isaac Clerencia <isaac@debian.org>  Tue, 30 May 2006 17:48:11 +0200

moodle (1.5.3+20060206-1) unstable; urgency=low

  * New package created from 1.5.3+ branch, which includes several bugfixes
  * Allow moodle to be installed using php5 instead of php4, closes: #351298
  * Changed apache | httpd to apache2-mpm-prefork | httpd

 -- Isaac Clerencia <isaac@debian.org>  Mon,  6 Feb 2006 09:49:09 +0100

moodle (1.5.3+20060108-2) unstable; urgency=low

  * Throw cronjob output to /dev/null, closes: #349971 

 -- Isaac Clerencia <isaac@debian.org>  Thu, 26 Jan 2006 13:01:58 +0100

moodle (1.5.3+20060108-1ubuntu1) dapper; urgency=low

  * Resynchronise with Debian.

 -- Daniel T Chen <crimsun@fungus.sh.nu>  Mon, 09 Jan 2006 13:49:39 +0000

moodle (1.5.3+20060108-1) unstable; urgency=low

  * New package created from 1.5.3+ branch, which closes: #346509, a
    security bug in the ADODB code included in Moodle
  * Check for /usr/share/moodle/admin/cron.php existence in the cronjob,
    closes: #342304
  * Use php4-cli instead of wget to run the cronjob, closes: #345930

 -- Isaac Clerencia <isaac@debian.org>  Sun,  8 Jan 2006 17:09:57 +0100

moodle (1.5.3-1ubuntu1) dapper; urgency=low

  * Resynchronise with Debian.

 -- Stephan Hermann <sh@sourcecode.de>  Wed, 28 Dec 2005 18:25:41 +0100

moodle (1.5.3-1) unstable; urgency=low

  * New upstream release

 -- Isaac Clerencia <isaac@debian.org>  Mon, 21 Nov 2005 21:09:21 +0100

moodle (1.5.2-1ubuntu1) breezy; urgency=low

  * Resync with debian (security update)
  * changed dependencys to php5
  * changed apache dependency to apache2 
  * References
    CAN-2005-2247

 -- Andrew Mitchell <ajmitch@ubuntu.com>  Thu, 13 Oct 2005 02:00:59 +1300

moodle (1.5.2-1) unstable; urgency=low

  * New upstream release

 -- Isaac Clerencia <isaac@debian.org>  Wed, 20 Jul 2005 15:13:41 +0200

moodle (1.5.1-1) unstable; urgency=low

  * New upstream release

 -- Isaac Clerencia <isaac@debian.org>  Tue, 12 Jul 2005 09:50:59 +0200

moodle (1.5-1) unstable; urgency=low

  * New upstream release
  * Added Vietnamese debconf translation, closes: #312961

 -- Isaac Clerencia <isaac@debian.org>  Wed, 22 Jun 2005 22:18:26 +0200

moodle (1.4.4.dfsg.1-3) unstable; urgency=high

  * Urgency high as this upload closes a security bug
  * Remove admin/delete.php on installation, fixes an important security bug 

 -- Isaac Clerencia <isaac@debian.org>  Mon, 30 May 2005 20:45:33 +0200

moodle (1.4.4.dfsg.1-2) unstable; urgency=low

  * Use find | xargs instead of rm to remove old sessions, closes: #300266

 -- Isaac Clerencia <isaac@debian.org>  Fri, 18 Mar 2005 18:47:32 +0100

moodle (1.4.4.dfsg.1-1) unstable; urgency=high

  * Urgency high as it closes a release critical bug and fixes some security
  problems

  * New upstream release

  * Replaced non-free fonts with free fonts for some languages in the original
  tarball, closes: #298938

  * Set perms for /etc/moodle/config.php to 640 instead of 644, closes: #297237

  * Use new option $CFG->respectsessionsettings = true; to clean sessions and
  remove old sessions from /var/lib/moodle/sessions: closes: #295124

  * Added cs.po debconf template translation, closes: #298208

  * Remove /var/lib/moodle/ when purging

 -- Isaac Clerencia <isaac@debian.org>  Thu, 10 Mar 2005 01:02:48 +0100

moodle (1.4.3-1) unstable; urgency=high

  * Urgency high as upstream release fixes several security bugs
  * New upstream release
  * Write database creation errors and warn the user about it, 
  closes: #285842, #285842

 -- Isaac Clerencia <isaac@sindominio.net>  Wed, 29 Dec 2004 00:49:52 +0100

moodle (1.4.2-2) unstable; urgency=low

  * Create user before creating database in postinst 

 -- Isaac Clerencia <isaac@sindominio.net>  Tue, 23 Nov 2004 10:55:28 +0100

moodle (1.4.2-1) unstable; urgency=high

  * New upstream release
  * Urgency high, as this upstream release closes several security bugs
  * Added some extra information to README.Debian, thanks to Kevin Coyner
  * Added apache2 as a choice for autoconfiguration, closes: #275444

 -- Isaac Clerencia <isaac@sindominio.net>  Wed, 10 Nov 2004 13:18:41 +0100

moodle (1.4.1-2) unstable; urgency=medium

  * Urgency medium, as it fixes the "default username" problem, which is a
    www-config bug but affects lots of moodle users
  * Use moodle as default database username, currently uses www-data which
    causes www-config to fail to create the database
  * Enabled Tex math filter and added mimetex in Depends:
  * Removed an extra line from README.Debian
  * Removed debian/overrides/ for lintian

 -- Isaac Clerencia <isaac@sindominio.net>  Sun, 24 Oct 2004 12:16:39 +0200

moodle (1.4.1-1) unstable; urgency=low

  * New upstream release, closes: #270855
  * /var/lib/moodle is now owned by www-data, closes: #258283
  * Added README.Debian with some hints for database setup,
    closes: #272553, #270851

 -- Isaac Clerencia <isaac@sindominio.net>  Sat,  2 Oct 2004 00:37:53 +0200

moodle (1.4-1) unstable; urgency=low

  * New upstream release, closes: #256218, #256219
  * Switched to a file in conf.d instead of an include in http.conf
  * Added DirectoryIndex index.php to apache.conf file, closes: #247554

 -- Isaac Clerencia <isaac@sindominio.net>  Tue,  7 Sep 2004 22:07:10 +0200

moodle (1.3.3-1) unstable; urgency=low

  * New upstream release

 -- Isaac Clerencia <isaac@sindominio.net>  Mon, 19 Jul 2004 11:28:48 +0200

moodle (1.3.2-1) unstable; urgency=low

  * New upstream release

 -- Isaac Clerencia <isaac@sindominio.net>  Mon, 19 Jul 2004 11:16:45 +0200

moodle (1.3.1-1) unstable; urgency=low

  * New upstream release, closes: #252693
  * Added "exec 0<&1" to postinst to fix hang when ucf asks the user

 -- Isaac Clerencia <isaac@sindominio.net>  Fri,  4 Jun 2004 23:45:37 +0200

moodle (1.2.1-3) unstable; urgency=low

  * Added a choice to use apache-perl in addition to apache and apache-ssl
  * Changed back priority to Optional, because no longer depends on php4-gd2

 -- Isaac Clerencia <isaac@sindominio.net>  Thu, 22 Apr 2004 11:32:40 +0200

moodle (1.2.1-2) unstable; urgency=low

  * Changed depends on php4-gd2 to php4-gd, closes: #243717

 -- Isaac Clerencia <isaac@sindominio.net>  Tue, 20 Apr 2004 23:16:47 +0200

moodle (1.2.1-1) unstable; urgency=low

  * New upstream release
  * Added ucf for better handling of config files
  * Changed priority to Extra

 -- Isaac Clerencia <isaac@sindominio.net>  Tue, 30 Mar 2004 22:01:33 +0200

moodle (1.1.1-4) unstable; urgency=low

  * Added French debconf templates translation, closes: #235572

 -- Isaac Clerencia <isaac@sindominio.net>  Mon,  1 Mar 2004 12:22:03 +0100

moodle (1.1.1-3) unstable; urgency=low

  * Fixed debconf stuff by adding POTFILES.in, closes: #233114
    Thanks to Martin Quirson.
  * Fixed bug in config generation that caused passwords including '$'
    broke the autentication
  * Removed moodle prefix from some debian/ files
  * Changed depend on debconf to misc:Depends
  * Updated version for debhelper build-depend to 4.1.13

 -- Isaac Clerencia <isaac@sindominio.net>  Tue, 17 Feb 2004 23:55:45 +0100

moodle (1.1.1-2) unstable; urgency=low

  * Now depends on php4-pgsql or php4-mysql not both
  * Added recommends for postgresql or mysql-serverl
  * Added documentation dir
  * Added wget in Depends: and changed cron.d to use wget
  * Fixed postinst to put the correct protocol in config.php and cron.d/moodle

 -- Isaac Clerencia <isaac@sindominio.net>  Thu, 27 Nov 2003 23:14:11 +0100

moodle (1.1.1-1) unstable; urgency=low

  * Initial Debian Release, closes: #222475

 -- Isaac Clerencia <isaac@sindominio.net>  Thu, 27 Nov 2003 23:14:11 +0100

