A possibility to bypass the file upload size constraint was found in the way the webservice script, called from the filepicker front end of Moodle, a course management system, performed sanitization of the 'maxbytes' variable. A remote attacker could issue a specially-crafted request that, when processed, could allow the attacker to upload a file even if it was larger than the specified constraint.

Upstream patch:
[1] http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-30792

References:
[2] http://www.openwall.com/lists/oss-security/2012/09/17/1
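As an added illustration (not Moodle's code and not the upstream patch), the contrast the report describes: a webservice that derives the enforced upload limit from a client-supplied 'maxbytes' parameter, beside one that derives it from server-side configuration and lets the parameter only narrow the limit. The constants, function names, sample requests and the convention that 0 means "unlimited" are assumptions of this example.

```php
<?php
// Added example, not Moodle's code. Server-side configuration is assumed;
// in this hypothetical config a limit of 0 means "no limit".
const SITE_MAXBYTES   = 2 * 1024 * 1024;  // 2 MiB site-wide cap (assumed)
const COURSE_MAXBYTES = 512 * 1024;       // 512 KiB course cap (assumed; 0 would mean inherit)

/**
 * Vulnerable pattern: the enforced limit is taken straight from the request.
 * The int cast looks like sanitization, but the value is still chosen by the
 * client, so a request carrying 0 ("unlimited") or a huge number lifts the cap.
 */
function effective_limit_vulnerable(array $request): int {
    return (int)($request['maxbytes'] ?? SITE_MAXBYTES);
}

/**
 * Hardened pattern: the enforced limit comes from server-side settings only.
 * A client-supplied 'maxbytes' may narrow the limit (e.g. a form that wants a
 * smaller file), but can never widen it and cannot switch it off.
 */
function effective_limit_hardened(array $request): int {
    $limit = SITE_MAXBYTES;
    if (COURSE_MAXBYTES > 0) {
        $limit = min($limit, COURSE_MAXBYTES);
    }
    if (isset($request['maxbytes']) && is_numeric($request['maxbytes'])) {
        $requested = (int)$request['maxbytes'];
        // Accept only a positive value that is stricter than the server's limit.
        if ($requested > 0 && $requested < $limit) {
            $limit = $requested;
        }
    }
    return $limit;
}

/** True if a file of $size bytes may be stored under $limit (0 = unlimited). */
function upload_allowed(int $size, int $limit): bool {
    return $limit === 0 || $size <= $limit;
}

// Constructed requests: a normal one, and one that claims an unlimited maxbytes.
$requests = [
    'normal'    => ['maxbytes' => '262144'],  // asks for a 256 KiB limit
    'untrusted' => ['maxbytes' => '0'],       // asks for "no limit"
];
$filesize = 3 * 1024 * 1024;                  // 3 MiB, over every configured cap

foreach ($requests as $name => $req) {
    printf("%-10s vulnerable: %s   hardened: %s\n", $name,
        upload_allowed($filesize, effective_limit_vulnerable($req)) ? 'accepted' : 'rejected',
        upload_allowed($filesize, effective_limit_hardened($req))   ? 'accepted' : 'rejected');
}
```

The design point is that the request parameter is treated as a hint that can only tighten a limit the server already computed; whether the server's own limit is the site cap, the course cap or a per-user capability is a policy decision made entirely outside the request.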
This issue affects the versions of the moodle package, as shipped with Fedora release of 16 and 17. Please schedule an update.

--

This issue affects the version of the moodle package, as shipped with Fedora EPEL 6. Please schedule an update.

--

This issue did NOT affect the version of the moodle package, as shipped with Fedora EPEL 5.
Update in progress, not linked to any BZ, none assigned to me.
(In reply to comment #2)
> Update in progress, not linked to any BZ, none assigned to me.

Thanks, Jon. Do you need child bugs yet?
Not really, only to attach to the Bodhi update. I've already got the builds and the updates done and in the pipe. Might be good for completeness.
Created moodle tracking bugs for this issue.
Affects: fedora-17 [bug 857981]
Created moodle tracking bugs for this issue.
Affects: fedora-16 [bug 857983]
Created moodle tracking bugs for this issue.
Affects: epel-6 [bug 857984]