[Secure-testing-commits] r25326 - data/CVE
Thijs Kinkhorst
thijs at moszumanska.debian.org
Wed Jan 22 09:40:15 UTC 2014
Author: thijs
Date: 2014-01-22 09:40:15 +0000 (Wed, 22 Jan 2014)
New Revision: 25326
Modified:
data/CVE/list
Log:
moo-dle
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-22 09:23:31 UTC (rev 25325)
+++ data/CVE/list 2014-01-22 09:40:15 UTC (rev 25326)
@@ -3738,17 +3738,17 @@
RESERVED
CVE-2014-0010 [Cross-site request forgery vulnerability in profile fields]
RESERVED
- - moodle <unfixed>
+ - moodle 2.5.4-1
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42883
TODO: check which versions affected, sesskey seems checked in oldstable?
CVE-2014-0009 [Group constraints lacking in "login as"]
RESERVED
- - moodle <unfixed> (low)
+ - moodle 2.5.4-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42643
CVE-2014-0008 [Config passwords visibility issue]
RESERVED
- - moodle <unfixed> (low)
+ - moodle 2.5.4-1 (low)
[squeeze] - moodle <no-dsa> (Minor issue)
NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36721
CVE-2014-0007
More information about the Secure-testing-commits
mailing list