[Secure-testing-commits] r12417 - in data: CVE NMU
Nico Golde
nion at alioth.debian.org
Sun Jul 26 16:17:55 UTC 2009
Author: nion
Date: 2009-07-26 16:17:55 +0000 (Sun, 26 Jul 2009)
New Revision: 12417
Modified:
data/CVE/list
data/NMU/list
Log:
mediawiki xss fixed in 1:1.15.0-1.1, unlike the bug states this is only one issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-07-26 15:11:04 UTC (rev 12416)
+++ data/CVE/list 2009-07-26 16:17:55 UTC (rev 12417)
@@ -210,8 +210,8 @@
RESERVED
CVE-2009-2492 (Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart ...)
- movabletype-opensource 4.2.6.1-1 (low; bug #537935)
-CVE-2009-XXXX [mediawiki: multiple vulnerabilities]
- - mediawiki <unfixed> (medium; bug #537634)
+CVE-2009-XXXX [mediawiki: XSS via specialblock]
+ - mediawiki 1:1.15.0-1.1 (low; bug #537634)
[etch] - mediawiki <not-affected> (vulnerably code introduced in 1.14.0)
[lenny] - mediawiki <not-affected> (vulnerably code introduced in 1.14.0)
NOTE: fixed in upstream 1.15.1
Modified: data/NMU/list
===================================================================
--- data/NMU/list 2009-07-26 15:11:04 UTC (rev 12416)
+++ data/NMU/list 2009-07-26 16:17:55 UTC (rev 12417)
@@ -159,3 +159,4 @@
2009-07-06 drupal6 6.12-1.1
2009-07-11 sork-passwd-h3 3.1-1.1
2009-07-24 pulseaudio 0.9.15-4.1
+2009-07-26 mediawiki 1:1.15.0-1.1
More information about the Secure-testing-commits
mailing list