[Secure-testing-commits] r40494 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Mar 21 07:28:10 UTC 2016
Author: jmm
Date: 2016-03-21 07:28:10 +0000 (Mon, 21 Mar 2016)
New Revision: 40494
Modified:
data/CVE/list
Log:
new moodle issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-21 07:26:02 UTC (rev 40493)
+++ data/CVE/list 2016-03-21 07:28:10 UTC (rev 40494)
@@ -3894,8 +3894,9 @@
RESERVED
CVE-2016-2191
RESERVED
-CVE-2016-2190
+CVE-2016-2190 [MSA-16-0011: Add no referrer to links with _blank target attribute]
RESERVED
+ - moodle <unfixed>
CVE-2016-2189
RESERVED
CVE-2016-2188 [Kernel panic on invalid USB device descriptor (iowarrior driver)]
@@ -3974,14 +3975,18 @@
RESERVED
CVE-2016-2160
RESERVED
-CVE-2016-2159
+CVE-2016-2159 [MSA-16-0012: External function mod_assign_save_submission does not check due dates]
RESERVED
-CVE-2016-2158
+ - moodle <unfixed>
+CVE-2016-2158 [MSA-16-0010: Enumeration of category details possible without authentication]
RESERVED
-CVE-2016-2157
+ - moodle <unfixed>
+CVE-2016-2157 [MSA-16-0009: CSRF in Assignment plugin management page]
RESERVED
-CVE-2016-2156
+ - moodle <unfixed>
+CVE-2016-2156 [MSA-16-0008: External function get_calendar_events return events that pertains to hidden activities]
RESERVED
+ - moodle <unfixed>
CVE-2016-2155 [MSA-16-0007: Non-Editing Instructor role can edit exclude checkbox in Single View]
RESERVED
- moodle <not-affected> (Only affects 2.8 and later)
More information about the Secure-testing-commits
mailing list