Fedora 38: moodle 2024-d2f180202f
Summary
Moodle is a course management system (CMS) - a free, Open Source software
package designed using sound pedagogical principles, to help educators create
effective online learning communities.
Update Information:
Fix for multiple CVEs
Change Log
* Mon Feb 19 2024 Gwyn Ciesla
References
[ 1 ] Bug #2264901 - TRIAGE CVE-2024-25978 moodle: MSA-24-0001: Denial of service risk in file picker unzip functionality [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2264901 [ 2 ] Bug #2264904 - TRIAGE CVE-2024-25979 moodle: MSA-24-0002: Forum search accepted random parameters in its URL [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2264904 [ 3 ] Bug #2264907 - TRIAGE CVE-2024-25980 moodle: MSA-24-0003: H5P attempts report did not respect activity group settings [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2264907 [ 4 ] Bug #2264908 - TRIAGE CVE-2024-25981 moodle: MSA-24-0004: Forum export did not respect activity group settings [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2264908 [ 5 ] Bug #2264911 - TRIAGE CVE-2024-25982 moodle: MSA-24-0005: CSRF risk in Language import utility [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2264911 [ 6 ] Bug #2264913 - TRIAGE CVE-2024-25983 moodle: MSA-24-0006: IDOR on dashboard comments block [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2264913
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-d2f180202f' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html