Date: Mon, 1 Nov 2010 16:38:59 -0400 (EDT) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Cc: coley <coley@...re.org> Subject: Re: CVE request: moodle 1.9.10 ----- "Ludwig Nussel" <ludwig.nussel@...e.de> wrote: > Hi, > > Moodle 1.9.10 is a security update again: > http://docs.moodle.org/en/Moodle_1.9.10_release_notes > This appears to be these things: * MSA-10-0017 XSS vulnerability in YUI 2.4.0 through YUI 2.8.1 Use CVE-2010-3866 for this. * MSA-10-0016 Multiple phpCAS library vulnerabilities This seems to have CVE ids * MSA-10-0015 Customised HTML Purifier upgraded to 4.2.0 * MSA-10-0014 Customised phpMyAdmin upgraded to 2.11.11 These two have no real information I can see. They just say to upgrade the upstream version. Does anyone have more information (I can't follow the link to the tracker). Thanks. -- JB
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.