Revise earlier Moodle entry with released advisories (MSA-16-0023 - MSA-16-026)

Security:	CVE-2016-8642
Security:	CVE-2016-8643
Security:	CVE-2016-8644

1 files changed, 16 insertions, 5 deletions

diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 3664f145c84..2c5832ce9d5 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -498,19 +498,30 @@ Notes:
     <description>
       <body xmlns="http://www.w3.org/1999/xhtml">
 	<p>Marina Glancy reports:</p>
-	<blockquote cite="https://docs.moodle.org/dev/Moodle_3.1.3_release_notes">
-	  <p>A number of security related issues were resolved. Details of these
-	    issues will be released after a period of approximately one week to
-	    allow system administrators to safely update to the latest version.</p>
+	<blockquote cite="https://moodle.org/security/">
+	  <ul>
+	    <li><p>MSA-16-0023: Question engine allows access to files that
+	    should not be available</p></li>
+	    <li><p>MSA-16-0024: Non-admin site managers may accidentally edit
+	    admins via web services</p></li>
+	    <li><p>MSA-16-0025: Capability to view course notes is checked in
+	    the wrong context</p></li>
+	    <li><p>MSA-16-0026: When debugging is enabled, error exceptions
+	    returned from webservices could contain private data</p></li>
+	  </ul>
 	</blockquote>
       </body>
     </description>
     <references>
-      <url>https://docs.moodle.org/dev/Moodle_3.1.3_release_notes</url>
+      <cvename>CVE-2016-8642</cvename>
+      <cvename>CVE-2016-8643</cvename>
+      <cvename>CVE-2016-8644</cvename>
+      <url>https://moodle.org/security/</url>
     </references>
     <dates>
       <discovery>2016-11-14</discovery>
       <entry>2016-11-16</entry>
+      <modified>2016-11-27</modified>
     </dates>
   </vuln>