[Secure-testing-commits] r12417 - in data: CVE NMU

Nico Golde nion at alioth.debian.org
Sun Jul 26 16:17:55 UTC 2009


Author: nion
Date: 2009-07-26 16:17:55 +0000 (Sun, 26 Jul 2009)
New Revision: 12417

Modified:
   data/CVE/list
   data/NMU/list
Log:
mediawiki xss fixed in 1:1.15.0-1.1, unlike the bug states this is only one issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-07-26 15:11:04 UTC (rev 12416)
+++ data/CVE/list	2009-07-26 16:17:55 UTC (rev 12417)
@@ -210,8 +210,8 @@
 	RESERVED
 CVE-2009-2492 (Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart ...)
 	- movabletype-opensource 4.2.6.1-1 (low; bug #537935) 
-CVE-2009-XXXX [mediawiki: multiple vulnerabilities]
-	- mediawiki <unfixed> (medium; bug #537634)
+CVE-2009-XXXX [mediawiki: XSS via specialblock]
+	- mediawiki 1:1.15.0-1.1 (low; bug #537634)
 	[etch] - mediawiki <not-affected> (vulnerably code introduced in 1.14.0)
 	[lenny] - mediawiki <not-affected> (vulnerably code introduced in 1.14.0)
 	NOTE: fixed in upstream 1.15.1

Modified: data/NMU/list
===================================================================
--- data/NMU/list	2009-07-26 15:11:04 UTC (rev 12416)
+++ data/NMU/list	2009-07-26 16:17:55 UTC (rev 12417)
@@ -159,3 +159,4 @@
 2009-07-06 drupal6 6.12-1.1
 2009-07-11 sork-passwd-h3 3.1-1.1
 2009-07-24 pulseaudio 0.9.15-4.1
+2009-07-26 mediawiki 1:1.15.0-1.1




More information about the Secure-testing-commits mailing list