FEDORA-2024-bdda1791b5 — security update for moodle

stable

moodle-4.3.9-1.fc40

FEDORA-2024-bdda1791b5 created by limb a year ago for Fedora 40

Multiple CVE fixes

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2024-bdda1791b5

This update has been submitted for testing by limb.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been pushed to testing.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Please log in to add feedback.

Metadata

Type

security

Severity

low

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

a year ago

in testing

a year ago

in stable

a year ago

approved

a year ago

Builds

moodle-4.3.9-1.fc40

BZ#2332795 CVE-2024-55648 moodle: Potential denial of service risk due to guest sessions' longer timeout period [fedora-40]

BZ#2332811 CVE-2024-55647 moodle: Reflected XSS in question bank filter [fedora-40]

BZ#2332813 CVE-2024-55646 moodle: Database activity issue in separate groups mode, for users not in a group [fedora-40]

BZ#2332823 CVE-2024-55645 moodle: Email change confirmation token available via preference [fedora-40]

BZ#2332825 CVE-2024-55644 moodle: Tag index page displays other users tagged with the selected tag [fedora-40]

BZ#2332827 CVE-2024-55643 moodle: Unprotected access to sensitive information via learning plan web service [fedora-40]

moodle-4.3.9-1.fc40

Automated Test Results

ignored