On Mon, May 30, 2005 at 10:42:07PM +0200, Isaac Clerencia wrote: > Moodle 1.4.4 has an important security bug in a "hidden" utility. > The file delete.php is an easy way to completely delete your Moodle data, but > *as it is now* it can be used by a non-privileged attacker. > The easiest proposed fix is to just don't ship the file with Moodle, as it's a > "hidden", not-usually-used feature. > I've already uploaded 1.4.4.dfsg.1-3 to unstable to deal with this issue. > Please, accept it in Sarge. Approved. Thanks, -- Steve Langasek postmodern programmer
Attachment:
signature.asc
Description: Digital signature