[Secure-testing-commits] r36771 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Sep 21 04:41:37 UTC 2015 

Author: carnil
Date: 2015-09-21 04:41:36 +0000 (Mon, 21 Sep 2015)
New Revision: 36771

Modified:
   data/CVE/list
Log:
Add new moodle issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-09-20 21:10:13 UTC (rev 36770)
+++ data/CVE/list	2015-09-21 04:41:36 UTC (rev 36771)
@@ -4765,24 +4765,45 @@
 	NOT-FOR-US: OpenShift
 CVE-2015-5273
 	RESERVED
-CVE-2015-5272
+CVE-2015-5272 [MSA-15-0031: Teacher in forum can still post to "all participants" and groups they are not members of]
 	RESERVED
+	- moodle <unfixed>
+	[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
+	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50576
 CVE-2015-5271
 	RESERVED
 CVE-2015-5270
 	REJECTED
-CVE-2015-5269
+CVE-2015-5269 [MSA-15-0036: XSS in grouping description]
 	RESERVED
-CVE-2015-5268
+	- moodle <unfixed>
+	[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
+	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50709
+CVE-2015-5268 [MSA-15-0035: Rating component does not check separate groups]
 	RESERVED
-CVE-2015-5267
+	- moodle <unfixed>
+	[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
+	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50173
+CVE-2015-5267 [MSA-15-0034: Vulnerability in password recovery mechanism]
 	RESERVED
-CVE-2015-5266
+	- moodle <unfixed>
+	[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
+	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50860
+CVE-2015-5266 [MSA-15-0033: Meta course synchronisation enrols suspended students as managers for a short period of time]
 	RESERVED
-CVE-2015-5265
+	- moodle <unfixed>
+	[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
+	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50744
+CVE-2015-5265 [MSA-15-0032: Users can delete files uploaded by other users in wiki]
 	RESERVED
-CVE-2015-5264
+	- moodle <unfixed>
+	[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
+	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48371
+CVE-2015-5264 [MSA-15-0030: Students can re-attempt answering questions in the lesson]
 	RESERVED
+	- moodle <unfixed>
+	[squeeze] - moodle <end-of-life> (Unsupported in squeeze-lts)
+	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50516
 CVE-2015-5263
 	RESERVED
 CVE-2015-5262

More information about the Secure-testing-commits mailing list