-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2015-0641 2015-02-05 17:38:07 --------------------------------------------------------------------------------

Name : moodle Product : Fedora EPEL 6 Version : 2.6.8 Release : 1.el6 URL : http://moodle.org/ Summary : A Course Management System Description : Moodle is a course management system (CMS) - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities.

-------------------------------------------------------------------------------- Update Information:

The following security notifications have now been made public:

============================================================================== MSA-15-0001: Insufficient access check in LTI module

Description: Absence of capability check in AJAX backend script could allow any enrolled user to search the list of registered tools Issue summary: mod/lti/ajax.php security problems Severity/Risk: Minor Versions affected: 2.8 to 2.8.1, 2.7 to 2.7.3, 2.6 to 2.6.6 and earlier unsupported versions Versions fixed: 2.8.2, 2.7.4 and 2.6.7 Reported by: Petr Skoda Issue no.: MDL-47920 CVE identifier: CVE-2015-0211 Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&...

============================================================================== MSA-15-0002: XSS vulnerability in course request pending approval page

Description: Course summary on course request pending approval page was displayed to the manager unescaped and could be used for XSS attack Issue summary: XSS in course request pending approval page (Privilege Escalation?) Severity/Risk: Serious Versions affected: 2.8 to 2.8.1, 2.7 to 2.7.3, 2.6 to 2.6.6 and earlier unsupported versions Versions fixed: 2.8.2, 2.7.4 and 2.6.7 Reported by: Skylar Kelty Issue no.: MDL-48368 Workaround: Grant permission moodle/course:request only to trusted users CVE identifier: CVE-2015-0212 Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&...

============================================================================== MSA-15-0003: CSRF possible in Glossary module

Description: Two files in the Glossary module lacked a session key check potentially allowing cross-site request forgery Issue summary: Multiple CSRF in mod glossary Severity/Risk: Serious Versions affected: 2.8 to 2.8.1, 2.7 to 2.7.3, 2.6 to 2.6.6 and earlier unsupported versions Versions fixed: 2.8.2, 2.7.4 and 2.6.7 Reported by: Ankit Agarwal Issue no.: MDL-48106 CVE identifier: CVE-2015-0213 Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&...

============================================================================== MSA-15-0004: Information leak through messaging functions in web-services

Description: Through web-services it was possible to access messaging-related functions such as people search even if messaging is disabled on the site Issue summary: Messages external functions doesn't check if messaging is enabled Severity/Risk: Minor Versions affected: 2.8 to 2.8.1, 2.7 to 2.7.3, 2.6 to 2.6.6 and earlier unsupported versions Versions fixed: 2.8.2, 2.7.4 and 2.6.7 Reported by: Juan Leyva Issue no.: MDL-48329 Workaround: Disable web services or disable individual message-related functions CVE identifier: CVE-2015-0214 Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&...

============================================================================== MSA-15-0005: Insufficient access check in calendar functions in web-services

Description: Through web-services it was possible to get information about calendar events which user did not have enough permissions to see Issue summary: calendar/externallib.php lacks self::validate_context($context); Severity/Risk: Minor Versions affected: 2.8 to 2.8.1, 2.7 to 2.7.3, 2.6 to 2.6.6 and earlier unsupported versions Versions fixed: 2.8.2, 2.7.4 and 2.6.7 Reported by: Petr Skoda Issue no.: MDL-48017 CVE identifier: CVE-2015-0215 Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&...

============================================================================== MSA-15-0006: Capability to grade Lesson module is missing XSS bitmask

Description: Users with capability to grade in Lesson module were not reported as users with XSS risk but their feedback was displayed without cleaning Issue summary: mod/lesson:grade capability missing RISK_XSS but essay feedback is displayed with noclean=true Severity/Risk: Minor Versions affected: 2.8 to 2.8.1 Versions fixed: 2.8.2 Reported by: Damyon Wiese Issue no.: MDL-48034 CVE identifier: CVE-2015-0216 Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&...

============================================================================== MSA-15-0007: ReDoS possible in the multimedia filter

Description: Not optimal regular expression in the filter could be exploited to create extra server load or make particular page unavailable Issue summary: ReDOS in the multimedia filter Severity/Risk: Serious Versions affected: 2.8 to 2.8.1, 2.7 to 2.7.3, 2.6 to 2.6.6 and earlier unsupported versions Versions fixed: 2.8.2, 2.7.4 and 2.6.7 Reported by: Nicolas Martignoni Issue no.: MDL-48546 Workaround: Disable multimedia filter CVE identifier: CVE-2015-0217 Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&...

============================================================================== MSA-15-0008: Forced logout through Shibboleth authentication plugin

Description: It was possible to forge a request to logout users even when not authenticated through Shibboleth Issue summary: Forced logout via auth/shibboleth/logout.php Severity/Risk: Serious Versions affected: 2.8 to 2.8.1, 2.7 to 2.7.3, 2.6 to 2.6.6 and earlier unsupported versions Versions fixed: 2.8.2, 2.7.4 and 2.6.7 Reported by: Petr Skoda Issue no.: MDL-47964 Workaround: Deny access to file auth/shibboleth/logout.php in webserver configuration CVE identifier: CVE-2015-0218 Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&...

============================================================================== -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1183695 - CVE-2015-0218 CVE-2015-0212 CVE-2015-0213 CVE-2015-0211 CVE-2015-0216 CVE-2015-0217 CVE-2015-0214 CVE-2015-0215 moodle: new update fixes several security issues [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1183695 [ 2 ] Bug #1183694 - CVE-2015-0218 CVE-2015-0212 CVE-2015-0213 CVE-2015-0211 CVE-2015-0216 CVE-2015-0217 CVE-2015-0214 CVE-2015-0215 moodle: new update fixes several security issues [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1183694 --------------------------------------------------------------------------------

This update can be installed with the "yum" update programs. Use su -c 'yum update moodle' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------