/[advisories]/10136.adv
ViewVC logotype

Annotation of /10136.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 6 - (hide annotations) (download)
Thu Jun 6 15:25:14 2013 UTC (10 years, 9 months ago) by boklm
File size: 1683 byte(s)
Add advisory for bug 10136
1 boklm 6 ID: MGASA-2013-0162
2     pubtime: 1370521473
3     type: security
4     src:
5     3:
6     core:
7     - moodle-2.4.4-1.mga3
8     CVE:
9     - CVE-2013-2079
10     - CVE-2013-2080
11     - CVE-2013-2081
12     - CVE-2013-2082
13     - CVE-2013-2083
14     subject: Updated moodle package fix security vulnerabilities
15     description: |
16     The assignment module in Moodle before 2.4.4 was not checking capabilities
17     for users downloading all assignments as a zip (CVE-2013-2079).
18    
19     The Gradebook's Overview report in Moodle before 2.4.4 was showing grade
20     totals that may have incorrectly included hidden grades (CVE-2013-2080).
21    
22     When registering a site on a hub (not Moodle.net) site in Moodle before
23     2.4.4, information was being sent to the hub regardless of settings chosen
24     (CVE-2013-2081).
25    
26     There was no check of permissions for viewing comments on blog posts in
27     Moodle before 2.4.4 (CVE-2013-2082).
28    
29     Form elements named using a specific naming scheme were not being filtered
30     correctly in Moodle before 2.4.4 (CVE-2013-2083).
31     references:
32     - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2079
33     - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2080
34     - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2081
35     - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2082
36     - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2083
37     - https://moodle.org/mod/forum/discuss.php?d=228930
38     - https://moodle.org/mod/forum/discuss.php?d=228931
39     - https://moodle.org/mod/forum/discuss.php?d=228933
40     - https://moodle.org/mod/forum/discuss.php?d=228934
41     - https://moodle.org/mod/forum/discuss.php?d=228935
42     - http://docs.moodle.org/dev/Moodle_2.4.4_release_notes
43     - https://moodle.org/mod/forum/discuss.php?d=228536

  ViewVC Help
Powered by ViewVC 1.1.30