oss-sec mailing list archives
Re: CVE request: moodle 1.9.10
From: Josh Bressers <bressers () redhat com>
Date: Mon, 1 Nov 2010 16:38:59 -0400 (EDT)
----- "Ludwig Nussel" <ludwig.nussel () suse de> wrote:
Hi, Moodle 1.9.10 is a security update again: http://docs.moodle.org/en/Moodle_1.9.10_release_notes
This appears to be these things:
* MSA-10-0017 XSS vulnerability in YUI 2.4.0 through YUI 2.8.1
Use CVE-2010-3866 for this.
* MSA-10-0016 Multiple phpCAS library vulnerabilities
This seems to have CVE ids
* MSA-10-0015 Customised HTML Purifier upgraded to 4.2.0
* MSA-10-0014 Customised phpMyAdmin upgraded to 2.11.11
These two have no real information I can see. They just say to upgrade the
upstream version. Does anyone have more information (I can't follow the
link to the tracker).
Thanks.
--
JB
Current thread:
- CVE request: moodle 1.9.10 Ludwig Nussel (Oct 29)
- <Possible follow-ups>
- Re: CVE request: moodle 1.9.10 Josh Bressers (Nov 01)
- Re: CVE request: moodle 1.9.10 Steven M. Christey (Nov 07)