[Secure-testing-commits] r22900 - data/CVE
Thijs Kinkhorst
thijs at alioth.debian.org
Wed Jul 10 13:09:17 UTC 2013
Author: thijs
Date: 2013-07-10 13:09:16 +0000 (Wed, 10 Jul 2013)
New Revision: 22900
Modified:
data/CVE/list
Log:
old moodle issue forwarded
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-07-10 12:54:07 UTC (rev 22899)
+++ data/CVE/list 2013-07-10 13:09:16 UTC (rev 22900)
@@ -12843,6 +12843,7 @@
[squeeze] - moodle <no-dsa> (Minor issue)
[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy1
NOTE: https://github.com/tpyo/amazon-s3-php-class/pull/36
+ NOTE: https://tracker.moodle.org/browse/MDL-40615
CVE-2012-6086 [zabbix insecure curl usage]
RESERVED
- zabbix <unfixed> (bug #697443)
@@ -86787,7 +86788,7 @@
{DSA-1528-1}
- serendipity 1.3~b1-1 (low; bug #469667)
CVE-2008-0123 (Cross-site scripting (XSS) vulnerability in install.php for Moodle ...)
- - moodle <unfixed> (unimportant)
+ - moodle 1.9.8-1 (unimportant)
NOTE: the issue itself has a quite small attack vector
NOTE: and considering that the apache configuration that comes
NOTE: with moodle limits connections to localhost this is no issue
More information about the Secure-testing-commits
mailing list