diff options
| author | Jason Unovitch <junovitch@FreeBSD.org> | 2016-11-16 01:58:36 +0000 |
|---|---|---|
| committer | Jason Unovitch <junovitch@FreeBSD.org> | 2016-11-16 01:58:36 +0000 |
| commit | 9da7d04af3ff3721236683851cda73b78e692c9c (patch) | |
| tree | 15bbdb5a813338ba43f102ed5e8ada47ee4e4ddd /security | |
| parent | e92b0d4ec955b1e593f21fccfbc1eb3d84bf307e (diff) | |
Document Moodle security advisories from September (MSA-16-0022) and
November releases.
Security: CVE-2016-7038
Notes
Notes:
svn path=/head/; revision=426210
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 238378dae4f8..e330d93c1f80 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,78 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="f6565fbf-ab9e-11e6-ae1b-002590263bf5"> + <topic>moodle -- multiple vulnerabilities</topic> + <affects> + <package> + <name>moodle29</name> + <range><lt>2.9.9</lt></range> + </package> + <package> + <name>moodle30</name> + <range><lt>3.0.7</lt></range> + </package> + <package> + <name>moodle31</name> + <range><lt>3.1.3</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Marina Glancy reports:</p> + <blockquote cite="https://docs.moodle.org/dev/Moodle_3.1.3_release_notes"> + <p>A number of security related issues were resolved. Details of these + issues will be released after a period of approximately one week to + allow system administrators to safely update to the latest version.</p> + </blockquote> + </body> + </description> + <references> + <url>https://docs.moodle.org/dev/Moodle_3.1.3_release_notes</url> + </references> + <dates> + <discovery>2016-11-14</discovery> + <entry>2016-11-16</entry> + </dates> + </vuln> + + <vuln vid="ab02f981-ab9e-11e6-ae1b-002590263bf5"> + <topic>moodle -- multiple vulnerabilities</topic> + <affects> + <package> + <name>moodle29</name> + <range><lt>2.9.8</lt></range> + </package> + <package> + <name>moodle30</name> + <range><lt>3.0.6</lt></range> + </package> + <package> + <name>moodle31</name> + <range><lt>3.1.2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Marina Glancy reports:</p> + <blockquote cite="https://moodle.org/security/"> + <ul> + <li><p>MSA-16-0022: Web service tokens should be invalidated when + the user password is changed or forced to be changed.</p></li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2016-7038</cvename> + <url>https://moodle.org/security/</url> + </references> + <dates> + <discovery>2016-09-12</discovery> + <entry>2016-11-16</entry> + </dates> + </vuln> + <vuln vid="d1853110-07f4-4645-895b-6fd462ad0589"> <topic>mozilla -- multiple vulnerabilities</topic> <affects> |