Document Moodle multiple security vulnerabilities

Note upstream has not released CVE assignments or details of the issues at this time. Document the current verbiage from the release notes to help downstream users proactively update.
svn path=/head/; revision=397210
2024-11-27 00:57:50 +00:00 · 2015-09-18 02:23:56 +00:00 · 2015-09-18 02:23:56 +00:00 · fe37f7e780 · 2021-03-31 03:12:20 +00:00
commit fe37f7e780
parent 8f2c38c402
1 changed files with 38 additions and 0 deletions
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@ -58,6 +58,44 @@ Notes:

 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="c2fcbec2-5daa-11e5-9909-002590263bf5">
+    <topic>moodle -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>moodle27</name>
+	<range><lt>2.7.10</lt></range>
+      </package>
+      <package>
+	<name>moodle28</name>
+	<range><lt>2.8.8</lt></range>
+      </package>
+      <package>
+	<name>moodle29</name>
+	<range><lt>2.9.2</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>Moodle Release Notes report:</p>
+	<blockquote cite="https://docs.moodle.org/dev/Moodle_2.9.2_release_notes">
+	  <p>A number of security related issues were resolved. Details of
+	    these issues will be released after a period of approximately one
+	    week to allow system administrators to safely update to the latest
+	    version.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <url>https://docs.moodle.org/dev/Moodle_2.7.10_release_notes</url>
+      <url>https://docs.moodle.org/dev/Moodle_2.8.8_release_notes</url>
+      <url>https://docs.moodle.org/dev/Moodle_2.9.2_release_notes</url>
+    </references>
+    <dates>
+      <discovery>2015-09-14</discovery>
+      <entry>2015-09-18</entry>
+    </dates>
+  </vuln>
+
  <vuln vid="d3a98c2d-5da1-11e5-9909-002590263bf5">
    <topic>squid -- TLS/SSL parser denial of service vulnerability</topic>
    <affects>