Index: openacs-4/packages/dotlrn/dotlrn.info
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/dotlrn/dotlrn.info,v
diff -u -N -r1.123.2.7 -r1.123.2.8
--- openacs-4/packages/dotlrn/dotlrn.info	27 Jan 2006 02:14:25 -0000	1.123.2.7
+++ openacs-4/packages/dotlrn/dotlrn.info	6 Feb 2006 20:47:13 -0000	1.123.2.8
@@ -7,14 +7,14 @@
     <initial-install-p>f</initial-install-p>
     <singleton-p>f</singleton-p>
     
-    <version name="2.2.0a2" url="http://openacs.org/repository/download/apm/dotlrn-2.2.0a2">
+    <version name="2.2.0a3" url="http://openacs.org/repository/download/apm/dotlrn-2.2.0a3">
         <owner url="http://openacs.org">OpenACS</owner>
         <summary>A Course Management System</summary>
         <release-date>2005-11-01</release-date>
         <vendor url="http://openacs.org">OpenACS</vendor>
         <description format="text/html">Course Management</description>
 
-        <provides url="dotlrn" version="2.2.0a2"/>
+        <provides url="dotlrn" version="2.2.0a3"/>
         <requires url="acs-kernel" version="5.0.0b4"/>
         <requires url="acs-lang" version="5.1.2d1"/>
         <requires url="attachments" version="0.5"/>
Index: openacs-4/packages/dotlrn/tcl/apm-callback-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/dotlrn/tcl/apm-callback-procs.tcl,v
diff -u -N -r1.3.2.4 -r1.3.2.5
--- openacs-4/packages/dotlrn/tcl/apm-callback-procs.tcl	29 Dec 2005 08:03:08 -0000	1.3.2.4
+++ openacs-4/packages/dotlrn/tcl/apm-callback-procs.tcl	6 Feb 2006 20:47:12 -0000	1.3.2.5
@@ -175,6 +175,18 @@
 		
 		
 	    }
+	    2.2.0a2 2.2.0a3 {
+		# This fixes a security hole opened up when cloning
+		# communities/classes
+		db_foreach get_communities_with_inherit {
+		    select community_id
+		    from dotlrn_communities_all c, acs_objects o
+		    where c.community_id = o.object_id
+		    and o.security_inherit_p = 't'
+		} {
+		    permission::set_not_inherit -object_id $community_id
+		}		
+	    }
 	}
 }
     
