Author: white
Date: 2009-02-10 23:09:58 +0000 (Tue, 10 Feb 2009)
New Revision: 11186
Modified:
data/CVE/list
Log:
3 moodle issues fixed in sid, a minor one still unfixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-02-10 23:08:25 UTC (rev 11185)
+++ data/CVE/list 2009-02-10 23:09:58 UTC (rev 11186)
@@ -3,13 +3,17 @@
CVE-2009-XXXX [tor: DoS vulnerability that could be performed by a directory
mirror]
- tor 0.2.0.34-1
CVE-2009-0502 (Cross-site scripting (XSS) vulnerability in
blocks/html/block_html.php ...)
- TODO: check
+ - moodle 1.8.2.dfsg-3 (low)
+ TODO: check snoopy and code copies
+ NOTE: MSA-09-0004
CVE-2009-0501 (Unspecified vulnerability in the Calendar export feature in
Moodle 1.8 ...)
- TODO: check
+ - moodle <unfixed> (low)
+ [etch] - moodle <not-affected> (Vulnerable code not present)
CVE-2009-0500 (Cross-site scripting (XSS) vulnerability in course/lib.php in
Moodle ...)
- TODO: check
+ - moodle 1.8.2.dfsg-3 (low)
CVE-2009-0499 (Cross-site request forgery (CSRF) vulnerability in the forum
code in ...)
- TODO: check
+ - moodle 1.8.2.dfsg-3 (low)
+ [etch] - moodle <not-affected> (Vulnerable code not present)
CVE-2009-0498 (Virtual GuestBook (vgbook) 2.1 stores sensitive information
under the ...)
TODO: check
CVE-2009-0497 (Directory traversal vulnerability in log.jsp in Ignite Realtime
...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
