This page was brought to my attention recently, and I wanted to hear if anybody had heard about this. If it's true, Are there patches available for this?
http://www.securityfocus.com/bid/20085
Thanks.
The very page you link to says: "Not vulnerable: 1.6.2" so the patch is part of 1.6.2 
In any case, skip 1.6.2 and go for the latest stable. Quick. It's high time you subscribed to the security announcements list. Either track the rss feed in http://security.moodle.org/ or join up with an acct, and you'll get the messages.
You also get the option to get this messages when you register your moodle install IIRC.
In any case, skip 1.6.2 and go for the latest stable. Quick. It's high time you subscribed to the security announcements list. Either track the rss feed in http://security.moodle.org/ or join up with an acct, and you'll get the messages.
You also get the option to get this messages when you register your moodle install IIRC.
Martin--
Thanks a bunch, I'm still running 1.5.3, so I wasn't sure if i'd be vulnerable (I just realizied I spelled the subject of this thread wrong). I went ahead and subscribed to the security alerts tho, thanks.
--Richie
Thanks a bunch, I'm still running 1.5.3, so I wasn't sure if i'd be vulnerable (I just realizied I spelled the subject of this thread wrong). I went ahead and subscribed to the security alerts tho, thanks.
--Richie