[Secure-testing-commits] r23009 - data/CVE

Thijs Kinkhorst thijs at alioth.debian.org
Fri Jul 19 11:34:23 UTC 2013 

Author: thijs
Date: 2013-07-19 11:34:22 +0000 (Fri, 19 Jul 2013)
New Revision: 23009

Modified:
   data/CVE/list
Log:
fixed some moodle issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-07-19 05:06:24 UTC (rev 23008)
+++ data/CVE/list	2013-07-19 11:34:22 UTC (rev 23009)
@@ -6052,12 +6052,12 @@
 	NOT-FOR-US: Fast Permissions Administration Drupal contributed module
 CVE-2013-2246
 	RESERVED
-	- moodle <unfixed> (low)
+	- moodle 2.5.1-1 (low)
 	[squeeze] - moodle <no-dsa> (Minor issue)
 	NOTE: https://moodle.org/mod/forum/discuss.php?d=232503
 CVE-2013-2245
 	RESERVED
-	- moodle <unfixed> (low)
+	- moodle 2.5.1-1 (low)
 	[squeeze] - moodle <no-dsa> (Minor issue)
 	NOTE: https://moodle.org/mod/forum/discuss.php?d=232502
 CVE-2013-2244
@@ -6066,12 +6066,12 @@
 	NOTE: https://moodle.org/mod/forum/discuss.php?d=232501
 CVE-2013-2243
 	RESERVED
-	- moodle <unfixed> (low)
+	- moodle 2.5.1-1 (low)
 	[squeeze] - moodle <no-dsa> (Minor issue)
 	NOTE: https://moodle.org/mod/forum/discuss.php?d=232500
 CVE-2013-2242
 	RESERVED
-	- moodle <unfixed> (low)
+	- moodle 2.5.1-1 (low)
 	[squeeze] - moodle <no-dsa> (Minor issue)
 	NOTE: https://moodle.org/mod/forum/discuss.php?d=232498
 CVE-2013-2241 [information exposure]
@@ -6652,19 +6652,19 @@
 CVE-2013-2084
 	RESERVED
 CVE-2013-2083 (The MoodleQuickForm class in lib/formslib.php in Moodle through ...)
-	- moodle <unfixed> (low)
+	- moodle 2.5-1 (low)
 	[squeeze] - moodle <no-dsa> (Minor issue)
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38885
 CVE-2013-2082 (Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and ...)
-	- moodle <unfixed> (low)
+	- moodle 2.5-1 (low)
 	[squeeze] - moodle <no-dsa> (Minor issue)
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37245
 CVE-2013-2081 (Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and ...)
-	- moodle <unfixed> (low)
+	- moodle 2.5-1 (low)
 	[squeeze] - moodle <no-dsa> (Minor issue)
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37822
 CVE-2013-2080 (The core_grade component in Moodle through 2.2.10, 2.3.x before 2.3.7, ...)
-	- moodle <unfixed> (low)
+	- moodle 2.5-1 (low)
 	[squeeze] - moodle <no-dsa> (Minor issue)
 	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37475
 CVE-2013-2079 (mod/assign/locallib.php in the assignment module in Moodle 2.3.x ...)
@@ -7528,25 +7528,25 @@
 CVE-2013-1837
 	RESERVED
 CVE-2013-1836 (Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and ...)
-	- moodle <unfixed> (bug #703870)
+	- moodle 2.5-1 (bug #703870)
 	[squeeze] - moodle <not-affected> (Vulnerable code not present)
 CVE-2013-1835 (Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and ...)
-	- moodle <unfixed> (bug #703870)
+	- moodle 2.5-1 (bug #703870)
 	[squeeze] - moodle <not-affected> (Vulnerable code not present)
 CVE-2013-1834 (notes/edit.php in Moodle 1.9.x through 1.9.19, 2.x through 2.1.10, ...)
-	- moodle <unfixed> (low; bug #703870)
+	- moodle 2.5-1 (low; bug #703870)
 	[squeeze] - moodle <no-dsa> (Minor issue)
 CVE-2013-1833 (Multiple cross-site scripting (XSS) vulnerabilities in the File Picker ...)
-	- moodle <unfixed> (bug #703870)
+	- moodle 2.5-1 (bug #703870)
 	[squeeze] - moodle <not-affected> (Vulnerable code not present)
 CVE-2013-1832 (repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before ...)
-	- moodle <unfixed> (bug #703870)
+	- moodle 2.5-1 (bug #703870)
 	[squeeze] - moodle <not-affected> (Vulnerable code not present)
 CVE-2013-1831 (lib/setuplib.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x ...)
-	- moodle <unfixed> (low; bug #703870)
+	- moodle 2.5-1 (low; bug #703870)
 	[squeeze] - moodle <no-dsa> (Minor issue)
 CVE-2013-1830 (user/view.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x ...)
-	- moodle <unfixed> (low; bug #703870)
+	- moodle 2.5-1 (low; bug #703870)
 	[squeeze] - moodle <no-dsa> (Minor issue)
 CVE-2013-1829 (calendar/managesubscriptions.php in Moodle 2.4.x before 2.4.2 does not ...)
 	- moodle <not-affected> (Only in 2.4 to 2.4.1)
@@ -13084,7 +13084,7 @@
 CVE-2012-6112 (classes/GoogleSpell.php in the PHP Spellchecker (aka Google ...)
 	- tinymce <not-affected> (TinyMCE Google spellchecker plugin)
 	- wordpress 3.5.1+dfsg-2
-	- moodle <unfixed> (bug #702387)
+	- moodle 2.5-1 (bug #702387)
 	[squeeze] - wordpress <unfixed> (bug #701667)
 	[squeeze] - moodle <not-affected> (Only affects 2.1 and above)
 	[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
@@ -13110,33 +13110,33 @@
 CVE-2012-6106 (calendar/managesubscriptions.php in the Manage Subscriptions ...)
 	- moodle <not-affected> (Only affects 2.4)
 CVE-2012-6105 (blog/rsslib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, ...)
-	- moodle <unfixed> (low; bug #702387)
+	- moodle 2.5-1 (low; bug #702387)
 	[squeeze] - moodle <not-affected> (Only affects 2.1 and above)
 	[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
 CVE-2012-6104 (blog/rsslib.php in Moodle 2.2.x before 2.2.7, 2.3.x before 2.3.4, and ...)
-	- moodle <unfixed> (low; bug #702387)
+	- moodle 2.5-1 (low; bug #702387)
 	[squeeze] - moodle <not-affected> (Only affects 2.2 and above)
 	[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
 CVE-2012-6103 (Multiple cross-site request forgery (CSRF) vulnerabilities in ...)
-	- moodle <unfixed> (low; bug #702387)
+	- moodle 2.5-1 (low; bug #702387)
 	[squeeze] - moodle <not-affected> (Only affects 2.2 and above)
 	[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
 CVE-2012-6102 (lib.php in the Submission comments plugin in the Assignment module in ...)
 	- moodle <not-affected> (Only affects 2.3 and above)
 CVE-2012-6101 (Multiple open redirect vulnerabilities in Moodle 2.2.x before 2.2.7, ...)
-	- moodle <unfixed> (low; bug #702387)
+	- moodle 2.5-1 (low; bug #702387)
 	[squeeze] - moodle <not-affected> (Only affects 2.2 and above)
 	[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
 CVE-2012-6100 (report/outline/index.php in Moodle 2.2.x before 2.2.7, 2.3.x before ...)
-	- moodle <unfixed> (low; bug #702387)
+	- moodle 2.5-1 (low; bug #702387)
 	[squeeze] - moodle <not-affected> (Only affects 2.2 and above)
 	[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
 CVE-2012-6099 (The moodle1 backup converter in backup/converter/moodle1/lib.php in ...)
-	- moodle <unfixed>
+	- moodle 2.5-1
 	[squeeze] - moodle <not-affected> (Only affects 2.1 and above)
 	[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
 CVE-2012-6098 (grade/edit/outcome/edit_form.php in Moodle 1.9.x through 1.9.19, 2.1.x ...)
-	- moodle <unfixed> (low; bug #702387)
+	- moodle 2.5-1 (low; bug #702387)
 	[squeeze] - moodle <no-dsa> (Minor issue)
 	[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy2
 CVE-2012-6097 (File descriptor leak in cronie 1.4.8, when running in certain ...)
@@ -13178,7 +13178,7 @@
 	[wheezy] - rpm 4.10.0-5+deb7u1
 CVE-2012-6087 [moodle insecure curl usage]
 	RESERVED
-	- moodle <unfixed>
+	- moodle 2.2.7.dfsg-1
 	[squeeze] - moodle <no-dsa> (Minor issue)
 	[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy1
 	NOTE: https://github.com/tpyo/amazon-s3-php-class/pull/36
@@ -14787,7 +14787,7 @@
 CVE-2012-5583 [phpcas curl usage]
 	RESERVED
 	- php-cas 1.3.1-2
-	- moodle <unfixed>
+	- moodle 2.2.7.dfsg-1
 	[squeeze] - moodle <no-dsa> (Minor issue)
 	[wheezy] - moodle 2.2.3.dfsg-2.6~wheezy1
 	NOTE: https://github.com/Jasig/phpCAS/pull/58
@@ -20893,7 +20893,7 @@
 CVE-2012-3363 (Zend_XmlRpc in Zend Framework 1.x before 1.11.12 and 1.12.x before ...)
 	{DSA-2505-1}
 	- zendframework 1.11.12-1 (bug #679215)
-	- moodle <unfixed> (bug #703870)
+	- moodle 2.5-1 (bug #703870)
 	[squeeze] - moodle <not-affected> (Vulnerable code not present)
 CVE-2012-3362 (Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 ...)
 	{DSA-2510-1}

More information about the Secure-testing-commits mailing list