white at alioth.debian.org
2009-Feb-10 23:09 UTC
[Secure-testing-commits] r11186 - data/CVE
Author: white Date: 2009-02-10 23:09:58 +0000 (Tue, 10 Feb 2009) New Revision: 11186 Modified: data/CVE/list Log: 3 moodle issues fixed in sid, a minor one still unfixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-02-10 23:08:25 UTC (rev 11185) +++ data/CVE/list 2009-02-10 23:09:58 UTC (rev 11186) @@ -3,13 +3,17 @@ CVE-2009-XXXX [tor: DoS vulnerability that could be performed by a directory mirror] - tor 0.2.0.34-1 CVE-2009-0502 (Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php ...) - TODO: check + - moodle 1.8.2.dfsg-3 (low) + TODO: check snoopy and code copies + NOTE: MSA-09-0004 CVE-2009-0501 (Unspecified vulnerability in the Calendar export feature in Moodle 1.8 ...) - TODO: check + - moodle <unfixed> (low) + [etch] - moodle <not-affected> (Vulnerable code not present) CVE-2009-0500 (Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle ...) - TODO: check + - moodle 1.8.2.dfsg-3 (low) CVE-2009-0499 (Cross-site request forgery (CSRF) vulnerability in the forum code in ...) - TODO: check + - moodle 1.8.2.dfsg-3 (low) + [etch] - moodle <not-affected> (Vulnerable code not present) CVE-2009-0498 (Virtual GuestBook (vgbook) 2.1 stores sensitive information under the ...) TODO: check CVE-2009-0497 (Directory traversal vulnerability in log.jsp in Ignite Realtime ...)