Author: nion Date: 2008-01-17 19:47:08 +0000 (Thu, 17 Jan 2008) New Revision: 7953 Modified: data/CVE/list Log: moodle non-issue Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-01-17 16:40:54 UTC (rev 7952) +++ data/CVE/list 2008-01-17 19:47:08 UTC (rev 7953) @@ -377,7 +377,10 @@ CVE-2008-0124 RESERVED CVE-2008-0123 (Cross-site scripting (XSS) vulnerability in install.php for Moodle ...) - TODO: check + - moodle <unfixed> (unimportant) + NOTE: the issue itself has a quite small attack vector + NOTE: and considering that the apache configuration that comes + NOTE: with moodle limits connections to localhost this is no issue CVE-2008-0122 (Off-by-one error in the inet_network function in libc in FreeBSD 6.2, ...) - kfreebsd-5 <not-affected> - kfreebsd-6 <unfixed>