Mi è arrivato il messaggio qui sotto riportato.
Hi, Moodlers! You are receiving this email because you chose to receive notifications from moodle.org when you registered your Moodle site. We would like you to know that a serious security vulnerability was just discovered in all versions of Moodle 1.6 and later that allows SQL injection. A quick one-line fix has already been added to CVS to patch this problem for 1.6.x and 1.7 versions. Please update your servers using CVS as soon as possible, or edit the file blog/index.php in your copy manually as described here: http://cvs.moodle.com/blog/index.php?r1=188.8.131.52&r2=184.108.40.206 [ http://cvs.moodle.com/blog/index.php?r1=220.127.116.11&r2=18.104.22.168 ] We'll also be releasing a Moodle 1.6.3 soon (but don't wait for it, patch your servers NOW!) Cheers and thanks for using Moodle,
Martin Dougiamas (Moodle Lead)