Fedora Update Notification
2022-05-27 01:01:34.797946

Name        : moodle
Product     : Fedora 34
Version     : 3.11.7
Release     : 1.fc34
URL         : https://moodle.org/
Summary     : A Course Management System
Description :
Moodle is a course management system (CMS) - a free, Open Source software
package designed using sound pedagogical principles, to help educators create
effective online learning communities.

Update Information:

Multiple CVE fixes.

* Wed May 18 2022 Gwyn Ciesla  - 3.11.7-1
- 3.11.7

  [ 1 ] Bug #2087632 - CVE-2022-30596 moodle: Stored XSS in assignment bulk marker allocation form via user ID number [fedora-all]
  [ 2 ] Bug #2087633 - CVE-2022-30597 moodle: Description field hidden by user policies (hiddenuserfields) is still visible [fedora-all]
  [ 3 ] Bug #2087634 - CVE-2022-30599 moodle: SQL injection risk in badge award criteria [fedora-all]
  [ 4 ] Bug #2087635 - CVE-2022-30600 moodle: Failed login attempts counted incorrectly [fedora-all]
  [ 5 ] Bug #2087636 - CVE-2022-30598 moodle: global search results reveal authors of content unexpectedly for some activities [fedora-all]

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-bd4457bcc4' at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure