diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2017-10-09 17:11:47 +0000 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2017-10-09 17:11:47 +0000 |
commit | 3b08d80d086765e537a01569c5f125fa07943373 (patch) | |
tree | 51b64985b78f4c2b4ccfc4e64fbe02bcaf4526aa /data | |
parent | cb74bd68b44d2d30c8cc373360c3bf4793d0be47 (diff) |
Mark moodle as removed
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@56545 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/2006.list | 2 | ||||
-rw-r--r-- | data/CVE/2008.list | 2 | ||||
-rw-r--r-- | data/CVE/2017.list | 16 |
3 files changed, 10 insertions, 10 deletions
diff --git a/data/CVE/2006.list b/data/CVE/2006.list index 35b9e749c5..b7b3934640 100644 --- a/data/CVE/2006.list +++ b/data/CVE/2006.list @@ -5041,7 +5041,7 @@ CVE-2006-4976 (The Date Library in John Lim ADOdb Library for PHP allows remote - phppgadmin <unfixed> (unimportant) - egroupware <unfixed> (unimportant) - phpwiki <unfixed> (unimportant) - - moodle <unfixed> (unimportant) + - moodle <removed> (unimportant) NOTE: full path is known in Debian anyway CVE-2006-4975 (Yahoo! Messenger for WAP permits saving messages that contain ...) NOT-FOR-US: Yahoo! Messenger diff --git a/data/CVE/2008.list b/data/CVE/2008.list index bd80d591a3..7356c4a893 100644 --- a/data/CVE/2008.list +++ b/data/CVE/2008.list @@ -9658,7 +9658,7 @@ CVE-2008-3326 (Cross-site scripting (XSS) vulnerability in blog/edit.php in Mood - moodle 1.8.2-2 (low; bug #492492) NOTE: http://moodle.org/mod/forum/discuss.php?d=101401 CVE-2008-3327 (Moodle 1.6.5, when display_errors is enabled, allows remote attackers ...) - - moodle <unfixed> (unimportant) + - moodle <removed> (unimportant) NOTE: http://moodle.org/mod/forum/discuss.php?d=101403 NOTE: Does not allow any attack vectors, apart from gaining non-sensible information CVE-2008-XXXX [mantis multiple issues] diff --git a/data/CVE/2017.list b/data/CVE/2017.list index fa3dffc48d..f55b4aa1a8 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -7895,10 +7895,10 @@ CVE-2017-12159 CVE-2017-12158 RESERVED CVE-2017-12157 (In Moodle 3.x, various course reports allow teachers to view details ...) - - moodle <unfixed> + - moodle <removed> NOTE: https://moodle.org/mod/forum/discuss.php?d=358586 CVE-2017-12156 (Moodle 3.x has XSS in the contact form on the "non-respondents" page in ...) - - moodle <unfixed> + - moodle <removed> NOTE: https://moodle.org/mod/forum/discuss.php?d=358585 CVE-2017-12155 RESERVED @@ -20942,7 +20942,7 @@ CVE-2017-7533 (Race condition in the fsnotify implementation in the Linux kernel NOTE: http://www.openwall.com/lists/oss-security/2017/08/03/2 NOTE: Fixed by: https://git.kernel.org/linus/49d31c2f389acfe83417083e1208422b4091cd9 (v4.13-rc1) CVE-2017-7532 (In Moodle 3.x, course creators are able to change system default ...) - - moodle <unfixed> + - moodle <removed> NOTE: https://moodle.org/mod/forum/discuss.php?d=355556 CVE-2017-7531 (In Moodle 3.3, the course overview block reveals activities in hidden ...) - moodle <not-affected> (Only affects 3.3) @@ -21135,13 +21135,13 @@ CVE-2017-7493 (Quick Emulator (Qemu) built with the VirtFS, host directory shari CVE-2017-7492 REJECTED CVE-2017-7491 (In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers ...) - - moodle <unfixed> + - moodle <removed> NOTE: https://moodle.org/mod/forum/discuss.php?d=352355 CVE-2017-7490 (In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because ...) - - moodle <unfixed> + - moodle <removed> NOTE: https://moodle.org/mod/forum/discuss.php?d=352354 CVE-2017-7489 (In Moodle 2.x and 3.x, remote authenticated users can take ownership of ...) - - moodle <unfixed> + - moodle <removed> NOTE: https://moodle.org/mod/forum/discuss.php?d=352353 CVE-2017-7488 (Authconfig version 6.2.8 is vulnerable to an Information exposure ...) NOT-FOR-US: authconfig in Red Hat @@ -21744,7 +21744,7 @@ CVE-2017-7308 (The packet_set_ring function in net/packet/af_packet.c in the Lin NOTE: Fixed by: https://git.kernel.org/linus/bcc5364bdcfe131e6379363f089e7b4108d35b70 NOTE: https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html CVE-2017-7298 (In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Add ...) - - moodle <unfixed> (unimportant) + - moodle <removed> (unimportant) NOTE: http://www.daimacn.com/post/12.html NOTE: https://tracker.moodle.org/browse/MDL-52038 NOTE: Not considered a security issue/bug upstream, disputed that it got a CVE @@ -33855,7 +33855,7 @@ CVE-2017-2643 (In Moodle 3.2.x, global search displays user names for unauthenti NOTE: https://tracker.moodle.org/browse/MDL-56526 NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-56526 CVE-2017-2642 (Moodle 3.x has user fullname disclosure on the user preferences page. ...) - - moodle <unfixed> + - moodle <removed> NOTE: https://moodle.org/mod/forum/discuss.php?d=355554 CVE-2017-2641 (In Moodle 2.x and 3.x, SQL injection can occur via user preferences. ...) - moodle 2.7.19+dfsg-1 |