[Secure-testing-commits] r27859 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jul 21 17:31:52 UTC 2014
Author: carnil
Date: 2014-07-21 17:31:52 +0000 (Mon, 21 Jul 2014)
New Revision: 27859
Modified:
data/CVE/list
Log:
Add CVE-2014-3550/moodle
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-07-21 17:30:55 UTC (rev 27858)
+++ data/CVE/list 2014-07-21 17:31:52 UTC (rev 27859)
@@ -3291,8 +3291,11 @@
TODO: check unstable, might be unaffected as advisory says Versions affected: 2.5 to 2.5.6, 2.4 to 2.4.10 and earlier unsupported versions
CVE-2014-3551
RESERVED
-CVE-2014-3550
+CVE-2014-3550 [Cross-site scripting though scheduled task error messages]
RESERVED
+ - moodle <unfixed>
+ NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46227
+ TODO: check, only affects 2.7?
CVE-2014-3549 [Cross-site scripting through logs of failed logins]
RESERVED
- moodle <unfixed>
More information about the Secure-testing-commits
mailing list