Package: moodle Version: 1.5.3-1 Severity: grave Justification: user security hole
There is a know security bug in the AdoDB libraries distributed as part of Moodle, in the 1.5.x series at least. This has been fixed in the 1.5.3+ release as of 2006.01.06, as can be seen here: http://security.moodle.org/mod/forum/discuss.php?d=210 Saludos. IƱaki. -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.11.10 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages moodle depends on: ii apache [httpd] 1.3.33-6sarge1 versatile, high-performance HTTP s ii debconf [debconf-2.0] 1.4.30.13 Debian configuration management sy ii mimetex 1.50-1 LaTeX math expressions to anti-ali ii php4 4:4.3.10-16 server-side, HTML-embedded scripti ii php4-gd 4:4.3.10-16 GD module for php4 ii php4-mysql 4:4.3.10-16 MySQL module for php4 ii wget 1.9.1-12 retrieves files from the web ii wwwconfig-common 0.0.43 Debian web auto configuration -- debconf information excluded