Parent Directory | Revision Log
Add advisory for bug 10136
1 | boklm | 6 | ID: MGASA-2013-0162 |
2 | pubtime: 1370521473 | ||
3 | type: security | ||
4 | src: | ||
5 | 3: | ||
6 | core: | ||
7 | - moodle-2.4.4-1.mga3 | ||
8 | CVE: | ||
9 | - CVE-2013-2079 | ||
10 | - CVE-2013-2080 | ||
11 | - CVE-2013-2081 | ||
12 | - CVE-2013-2082 | ||
13 | - CVE-2013-2083 | ||
14 | subject: Updated moodle package fix security vulnerabilities | ||
15 | description: | | ||
16 | The assignment module in Moodle before 2.4.4 was not checking capabilities | ||
17 | for users downloading all assignments as a zip (CVE-2013-2079). | ||
18 | |||
19 | The Gradebook's Overview report in Moodle before 2.4.4 was showing grade | ||
20 | totals that may have incorrectly included hidden grades (CVE-2013-2080). | ||
21 | |||
22 | When registering a site on a hub (not Moodle.net) site in Moodle before | ||
23 | 2.4.4, information was being sent to the hub regardless of settings chosen | ||
24 | (CVE-2013-2081). | ||
25 | |||
26 | There was no check of permissions for viewing comments on blog posts in | ||
27 | Moodle before 2.4.4 (CVE-2013-2082). | ||
28 | |||
29 | Form elements named using a specific naming scheme were not being filtered | ||
30 | correctly in Moodle before 2.4.4 (CVE-2013-2083). | ||
31 | references: | ||
32 | - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2079 | ||
33 | - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2080 | ||
34 | - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2081 | ||
35 | - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2082 | ||
36 | - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2083 | ||
37 | - https://moodle.org/mod/forum/discuss.php?d=228930 | ||
38 | - https://moodle.org/mod/forum/discuss.php?d=228931 | ||
39 | - https://moodle.org/mod/forum/discuss.php?d=228933 | ||
40 | - https://moodle.org/mod/forum/discuss.php?d=228934 | ||
41 | - https://moodle.org/mod/forum/discuss.php?d=228935 | ||
42 | - http://docs.moodle.org/dev/Moodle_2.4.4_release_notes | ||
43 | - https://moodle.org/mod/forum/discuss.php?d=228536 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |