Fedora Linux 8546 Published by

A new moodle package has been released for Fedora Linux 38:

Fedora 38 Update: moodle-4.1.9-1.fc38




Fedora 38 Update: moodle-4.1.9-1.fc38


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-d2f180202f
2024-02-29 01:56:37.413977
--------------------------------------------------------------------------------

Name : moodle
Product : Fedora 38
Version : 4.1.9
Release : 1.fc38
URL : https://moodle.org/
Summary : A Course Management System
Description :
Moodle is a course management system (CMS) - a free, Open Source software
package designed using sound pedagogical principles, to help educators create
effective online learning communities.

--------------------------------------------------------------------------------
Update Information:

Fix for multiple CVEs
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 19 2024 Gwyn Ciesla [gwync@protonmail.com] - 4.1.9-1
- 4.1.9
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2264901 - TRIAGE CVE-2024-25978 moodle: MSA-24-0001: Denial of service risk in file picker unzip functionality [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2264901
[ 2 ] Bug #2264904 - TRIAGE CVE-2024-25979 moodle: MSA-24-0002: Forum search accepted random parameters in its URL [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2264904
[ 3 ] Bug #2264907 - TRIAGE CVE-2024-25980 moodle: MSA-24-0003: H5P attempts report did not respect activity group settings [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2264907
[ 4 ] Bug #2264908 - TRIAGE CVE-2024-25981 moodle: MSA-24-0004: Forum export did not respect activity group settings [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2264908
[ 5 ] Bug #2264911 - TRIAGE CVE-2024-25982 moodle: MSA-24-0005: CSRF risk in Language import utility [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2264911
[ 6 ] Bug #2264913 - TRIAGE CVE-2024-25983 moodle: MSA-24-0006: IDOR on dashboard comments block [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2264913
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-d2f180202f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--