Author: jmm
Date: 2017-07-18 09:41:11 +0000 (Tue, 18 Jul 2017)
New Revision: 53613
Modified:
data/CVE/list
Log:
new moodle issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-18 09:37:23 UTC (rev 53612)
+++ data/CVE/list 2017-07-18 09:41:11 UTC (rev 53613)
@@ -9274,7 +9274,7 @@
NOTE: edgebuffer scan converter was made default only in:
http://git.ghostscript.com/?p=ghostpdl.git;h=dd5da2cb3e08398ac6d86598b36b00994d058308
NOTE: But the vulnerable code via base/gxscan.c, a new scan converter
introduced in 9.20 is present.
CVE-2017-7947 (NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and
9.1 ...)
- TODO: check
+ NOT-FOR-US: NetApp
CVE-2016-10347
RESERVED
CVE-2016-10346
@@ -10722,11 +10722,13 @@
CVE-2017-7533
RESERVED
CVE-2017-7532 (In Moodle 3.x, course creators are able to change system
default ...)
- TODO: check
+ - moodle <unfixed>
+ NOTE: https://moodle.org/mod/forum/discuss.php?d=355556
CVE-2017-7531 (In Moodle 3.3, the course overview block reveals activities in
hidden ...)
- TODO: check
+ - moodle <not-affected> (Only affects 3.3)
CVE-2017-7530
RESERVED
+ NOTE: https://moodle.org/mod/forum/discuss.php?d=355555
CVE-2017-7529 (Nginx versions since 0.5.6 up to and including 1.13.2 are
vulnerable ...)
{DSA-3908-1 DLA-1024-1}
- nginx 1.13.3-1 (bug #868109)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
