Fedora 20 : moodle-2.5.2-1.fc20 (2013-16410)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

Moodle upstream has released upstream 2.3.9, 2.4.6, and 2.5.2
versions :

http://docs.moodle.org/dev/Moodle_2.3.9_release_notes
http://docs.moodle.org/dev/Moodle_2.4.6_release_notes
http://docs.moodle.org/dev/Moodle_2.5.2_release_notes

These releases contain unspecified security fixes, the nature of which
will be public next week
as per the upstream announcements :

'A number of security related issues were resolved. Details of these
issues will be released after a period of approximately one week to
allow system administrators to safely update to the latest version.'
Update to more recent upstream branch.

See also :

http://docs.moodle.org/dev/Moodle_2.3.9_release_notes
http://docs.moodle.org/dev/Moodle_2.4.6_release_notes
http://docs.moodle.org/dev/Moodle_2.5.2_release_notes
https://bugzilla.redhat.com/show_bug.cgi?id=1006678
https://bugzilla.redhat.com/show_bug.cgi?id=1006679
http://www.nessus.org/u?dc99cb80

Solution :

Update the affected moodle package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.2
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 70056 ()

Bugtraq ID: 62410
62411
62412

CVE ID: