[Secure-testing-commits] r11186 - data/CVE
white at alioth.debian.org
white at alioth.debian.org
Tue Feb 10 23:09:58 UTC 2009
Author: white
Date: 2009-02-10 23:09:58 +0000 (Tue, 10 Feb 2009)
New Revision: 11186
Modified:
data/CVE/list
Log:
3 moodle issues fixed in sid, a minor one still unfixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-02-10 23:08:25 UTC (rev 11185)
+++ data/CVE/list 2009-02-10 23:09:58 UTC (rev 11186)
@@ -3,13 +3,17 @@
CVE-2009-XXXX [tor: DoS vulnerability that could be performed by a directory mirror]
- tor 0.2.0.34-1
CVE-2009-0502 (Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php ...)
- TODO: check
+ - moodle 1.8.2.dfsg-3 (low)
+ TODO: check snoopy and code copies
+ NOTE: MSA-09-0004
CVE-2009-0501 (Unspecified vulnerability in the Calendar export feature in Moodle 1.8 ...)
- TODO: check
+ - moodle <unfixed> (low)
+ [etch] - moodle <not-affected> (Vulnerable code not present)
CVE-2009-0500 (Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle ...)
- TODO: check
+ - moodle 1.8.2.dfsg-3 (low)
CVE-2009-0499 (Cross-site request forgery (CSRF) vulnerability in the forum code in ...)
- TODO: check
+ - moodle 1.8.2.dfsg-3 (low)
+ [etch] - moodle <not-affected> (Vulnerable code not present)
CVE-2009-0498 (Virtual GuestBook (vgbook) 2.1 stores sensitive information under the ...)
TODO: check
CVE-2009-0497 (Directory traversal vulnerability in log.jsp in Ignite Realtime ...)
More information about the Secure-testing-commits
mailing list