Ubuntu
moodle package

Vulnerable version of Moodle (1.8.2)

Bug #272221 reported by mentis
258
Affects Status Importance Assigned to Milestone
moodle (Ubuntu)
Fix Released
Medium
Kees Cook
Gutsy
Fix Released
Medium
Kees Cook
Hardy
Fix Released
Medium
Kees Cook
Intrepid
Fix Released
Medium
Kees Cook

Bug Description

Binary package hint: moodle

Moodle 1.8.2 have been compromising since March 2008. There is exploit now.
Need upgrade to 1.8.6 or 1.9.2.

ProblemType: Bug
Architecture: i386
Date: Fri Sep 19 22:08:12 2008
DistroRelease: Ubuntu 7.10
NonfreeKernelModules: fglrx
Uname: Linux weblab-alex-sp 2.6.22-15-generic #1 SMP Fri Jul 11 19:25:33 UTC 2008 i686 GNU/Linux

Tags: apport-bug

CVE References

Revision history for this message
Kees Cook (kees) wrote :

http://cvs.moodle.org/moodle/blog/lib.php?r1=1.38.6.3&r2=1.38.6.2

Revision history for this message
Kees Cook (kees) wrote :

The above URL does not apply -- this bug report is intended for CVE-2008-1502.

Revision history for this message
Kees Cook (kees) wrote :

This has been uploaded to the security queue and will be published shortly.

Changed in moodle:
assignee: nobody → kees
importance: Undecided → Medium
status: New → Fix Committed
assignee: nobody → kees
importance: Undecided → Medium
status: New → Fix Committed
assignee: nobody → kees
importance: Undecided → Medium
status: New → Fix Committed
Revision history for this message
Kees Cook (kees) wrote :

This has been released: http://www.ubuntu.com/usn/usn-658-1

Changed in moodle:
status: Fix Committed → Fix Released
status: Fix Committed → Fix Released
Kees Cook (kees)
Changed in moodle:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.