Bug 605809 (CVE-2010-2228, CVE-2010-2229, CVE-2010-2230, CVE-2010-2231)
| Summary: | CVE-2010-2228, CVE-2010-2229, CVE-2010-2230, CVE-2010-2231 moodle: multiple security fixes in upstream 1.9.9/1.8.13 | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | gwync, jlieskov |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-11-18 19:57:06 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 605810 | ||
| Bug Blocks: | |||
|
Description
Vincent Danen
2010-06-18 20:11:50 UTC
CVE request here: http://www.openwall.com/lists/oss-security/2010/06/18/4 Created moodle tracking bugs for this issue Affects: fedora-all [bug 605810] Following CVE identifiers has been assigned to these issues: (http://www.openwall.com/lists/oss-security/2010/06/21/2) * MSA-10-0010 Persistent Cross Site Scripting vulnerability in the MNET access control interface => CVE-2010-2228 * MSA-10-0011 Cross Site Scripting vulnerability in blog/index.php => CVE-2010-2229 * MSA-10-0012 KSES Security Filter Bypassing vulnerability => CVE-2010-2230 * MSA-10-0013 Potential Cross Site Scripting vulnerability in Quiz reports => CVE-2010-2231 moodle-1.9.9-1.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/moodle-1.9.9-1.fc11 moodle-1.8.13-1.el5 has been submitted as an update for Fedora EPEL 5. http://admin.fedoraproject.org/updates/moodle-1.8.13-1.el5 moodle-1.8.13-1.el4 has been submitted as an update for Fedora EPEL 4. http://admin.fedoraproject.org/updates/moodle-1.8.13-1.el4 moodle-1.9.9-1.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/moodle-1.9.9-1.fc12 moodle-1.9.9-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/moodle-1.9.9-1.fc13 moodle-1.9.9-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report. moodle-1.9.9-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. moodle-1.9.9-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report. moodle-1.8.13-1.el4 has been pushed to the Fedora EPEL 4 stable repository. If problems still persist, please make note of it in this bug report. moodle-1.8.13-1.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report. |