http://bugzilla.opensuse.org/show_bug.cgi?id=1021046 Bug ID: 1021046 Summary: VUL-0: CVE-2017-2576,CVE-2017-2578: moodle: multiple vulnerabilities Classification: openSUSE Product: openSUSE.org Version: unspecified Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: 3rd party software Assignee: opensuse-communityscreening@forge.provo.novell.com Reporter: astieger@suse.com QA Contact: security-team@suse.de CC: lars.vogdt@suse.com, security-team@suse.de Found By: Security Response Team Blocker: --- https://moodle.org/mod/forum/discuss.php?d=345911 MSA-17-0001: System file inclusion when adding own preset file in Boost theme Description: HTML injection with potential XSS attack was possible by modifying URL for assignment submission and tricking another user into following it Issue summary: XSS in assignment submission page Severity/Risk: Minor Versions affected: 3.2 and 3.1 to 3.1.3 Versions fixed: 3.2.1 and 3.1.4 (also backported to 2.7.18 and 3.0.8 as a precaution) Reported by: Ago Luberg and Wael AbuSeada Issue no.: MDL-57580 CVE identifier: CVE-2017-2578 Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-57580 https://moodle.org/mod/forum/discuss.php?d=345912 MSA-17-0002: Incorrect sanitation of attributes in forums Description: Forum post author can change too many fields when editing the post Issue summary: Incorrect sanitation of attributes Severity/Risk: Minor Versions affected: 3.2, 3.1 to 3.1.3, 3.0 to 3.0.7, 2.9 to 2.9.9, 2.8 to 2.8.12, 2.7 to 2.7.17 and earlier unsupported versions Versions fixed: 3.2.1, 3.1.4, 3.0.8 and 2.7.18 Reported by: Anshul Jain Issue no.: MDL-56225 CVE identifier: CVE-2017-2576 Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-56225 https://moodle.org/mod/forum/discuss.php?d=345914 MSA-17-0003: PHPMailer vulnerability in no-reply address Description: Security vulnerability was reported against PHPMailer, third party library used by Moodle. As a result Moodle improved validation of no-reply address (that can only be configured by admin), all other fields were already properly sanitized. This issue only affect sites that leave $CFG->smtphosts empty. Issue summary: Address the vulnerabilities in recent PHPMailer 5.2.x Severity/Risk: Serious Versions affected: 3.2, 3.1 to 3.1.3, 3.0 to 3.0.7, 2.9 to 2.9.9, 2.8 to 2.8.12, 2.7 to 2.7.17 and earlier unsupported versions Versions fixed: 3.2.1, 3.1.4, 3.0.8 and 2.7.18 Reported by: Matteo Scaramuccia Issue no.: MDL-57531 Workaround: Define $CFG->noreplyaddress and $CFG->supportemail in config.php CVE identifier: CVE-2016-10045 (PHPMailer) Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-57531 https://moodle.org/mod/forum/discuss.php?d=345915 Description: HTML injection with potential XSS attack was possible by modifying URL for assignment submission and tricking another user into following it Issue summary: XSS in assignment submission page Severity/Risk: Minor Versions affected: 3.2 and 3.1 to 3.1.3 Versions fixed: 3.2.1 and 3.1.4 (also backported to 2.7.18 and 3.0.8 as a precaution) Reported by: Ago Luberg and Wael AbuSeada Issue no.: MDL-57580 CVE identifier: CVE-2017-2578 Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-57580 -- You are receiving this mail because: You are on the CC list for the bug.