Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 603764 - <www-apps/moodle-{3.1.10, 3.2.7, 3.3.4, 3.4.1}: Remote code execution through embedded dev-php/PHPMailer (CVE-2016-10033)
Summary: <www-apps/moodle-{3.1.10, 3.2.7, 3.3.4, 3.4.1}: Remote code execution through...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: ~2 [noglsa]
Keywords:
Depends on:
Blocks: 603752
  Show dependency tree
 
Reported: 2016-12-26 13:49 UTC by Thomas Deutschmann
Modified: 2018-01-25 21:33 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Deutschmann gentoo-dev Security 2016-12-26 13:49:23 UTC
It is suspected that this package is vulnerable to a security vulnerability via embedded dev-php/PHPMailer. As such we ask maintainers with packages suspected to be vulnerable to verify if the package is (or have been) affected. 

Please see the information contained in the tracker bug 603752.
Comment 1 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-10-05 17:09:14 UTC
ping.

@Maintainers any news about this? Thank you

Gentoo Security Padawan
ChrisADR
Comment 2 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-01-25 21:33:59 UTC
All vulnerable versions have been removed in accordance with upstream fixes:

https://tracker.moodle.org/browse/MDL-57531

Not digging through Git logs.