Debian Security Advisory DSA 2540-1 (mahara)

Summary
The remote host is missing an update to mahara announced via advisory DSA 2540-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202540-1
Insight
Emanuel Bronshtein discovered that Mahara, an electronic portfolio, weblog, and resume builder, contains multiple cross-site scripting vulnerabilities due to missing sanitization and insufficient encoding of user-supplied data. For the stable distribution (squeeze), these problems have been fixed in version 1.2.6-2+squeeze5. For the testing distribution (wheezy), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 1.5.1-2. We recommend that you upgrade your mahara packages.