Moodle released multiple security advisories. MSA-16-0025: CVE-2016-8644: Capability to view course notes is checked in the wrong context http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-51347 MSA-16-0024: CVE-2016-8643: Non-admin site managers may accidentally edit admins via web services http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-56065 MSA-16-0023: CVE-2016-8642: Question engine allows access to files that should not be available http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-53744 References: https://moodle.org/security/
Created moodle tracking bugs for this issue: Affects: fedora-all [bug 1401064] Affects: epel-all [bug 1401065]