Package: moodle
Version: 1.5.3-1
Severity: grave
Justification: user security hole
There is a know security bug in the AdoDB libraries distributed as part
of Moodle, in the 1.5.x series at least. This has been fixed in the
1.5.3+ release as of 2006.01.06, as can be seen here:
http://security.moodle.org/mod/forum/discuss.php?d=210
Saludos. IƱaki.
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.11.10
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages moodle depends on:
ii apache [httpd] 1.3.33-6sarge1 versatile, high-performance HTTP s
ii debconf [debconf-2.0] 1.4.30.13 Debian configuration management sy
ii mimetex 1.50-1 LaTeX math expressions to anti-ali
ii php4 4:4.3.10-16 server-side, HTML-embedded scripti
ii php4-gd 4:4.3.10-16 GD module for php4
ii php4-mysql 4:4.3.10-16 MySQL module for php4
ii wget 1.9.1-12 retrieves files from the web
ii wwwconfig-common 0.0.43 Debian web auto configuration
-- debconf information excluded