Package: moodle Severity: normal Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for moodle.
CVE-2010-1617[0]: | user/view.php in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 | does not properly check a role, which allows remote authenticated | users to obtain the full names of other users via the course profile | page. Patch: http://cvs.moodle.org/moodle/user/view.php?r1=1.168.2.28&r2=1.168.2.29 If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1617 http://security-tracker.debian.org/tracker/CVE-2010-1617 -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0AAAA For security reasons, all text in this mail is double-rot13 encrypted.
pgp9uuhVwuanP.pgp
Description: PGP signature