Security: Upcoming Security Release for edx-platform on 2024-06-17

Glib_Glugovskiy · June 12, 2024, 7:37pm

A security patch for openedx/edx-platform will be added to the Redwood release candidate branch, and to the current master branch on 2024-06-17T14:00:00Z.

It will fix one security defect with a “High” CVSS 3.1 severity rating.

Details will be published here after release: GitHub security advisory.

dave · June 13, 2024, 2:51am

Note that this vulnerability does not exist in Quince, so no Quince backport will be necessary.

Glib_Glugovskiy · June 17, 2024, 2:07pm

This security fix has been published.

The fix has been merged to:

master:
fix: add edit permissions for limited staff only in LMS · openedx/edx-platform@0153086 · GitHub
open-release/redwood.master:
fix: security issue limited staff have edit access through some APIs … · openedx/edx-platform@50097c2 · GitHub

Topic		Replies	Views
Security: Upcoming Security Release for edx-platform 2024-07-25 Security edx-platform	1	58	July 25, 2024
Upcoming Security Fix for edx-platform on 2024-05-17 Security	1	182	May 17, 2024
Security: Upcoming Security Release for openedx-translations 2024-08-23 Security translation	0	38	August 21, 2024
Security: Upcoming Security Release for edx-platform on 2023-07-25 Security	1	329	July 25, 2023
Upcoming Moderate Security Fix for edx-platform on 2024-01-12 Security	1	243	January 12, 2024

Security: Upcoming Security Release for edx-platform on 2024-06-17

Related topics