[Secure-testing-commits] r17816 - data/CVE

[Jonathan Wiltshire]

Author: jmw
Date: 2011-12-18 23:53:43 +0000 (Sun, 18 Dec 2011)
New Revision: 17816

Modified:
   data/CVE/list
Log:
mediawiki unstable fixes

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-12-18 23:42:05 UTC (rev 17815)
+++ data/CVE/list	2011-12-18 23:53:43 UTC (rev 17816)
@@ -9560,7 +9560,7 @@
 	- thunar <not-affected> (Introduced in 1.2, only in experimental)
 	NOTE: http://git.xfce.org/xfce/thunar/diff/?id=03dd312e157d4fa8a11d5fa402706ae5b05806fa
 CVE-2011-1587 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, ...)
-	- mediawiki <not-affected> (Incomplete fix never used in Debian)
+	- mediawiki 1:1.15.5-5
 CVE-2011-1586 (Directory traversal vulnerability in the ...)
 	- kdenetwork <unfixed>
 	[squeeze] - kdenetwork 4:4.4.5-2+squeeze1
@@ -9584,11 +9584,11 @@
 	[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.36)
 	[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.36)
 CVE-2011-1580 (The transwiki import functionality in MediaWiki before 1.16.3 does not ...)
-	- mediawiki <unfixed> 
+	- mediawiki 1:1.15.5-5
 CVE-2011-1579 (The checkCss function in includes/Sanitizer.php in the wikitext parser ...)
-	- mediawiki <unfixed> 
+	- mediawiki 1:1.15.5-5
 CVE-2011-1578 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, ...)
-	- mediawiki <unfixed> 
+	- mediawiki 1:1.15.5-5
 CVE-2011-1577 (Heap-based buffer overflow in the is_gpt_valid function in ...)
 	{DSA-2264-1}
 	- linux-2.6 2.6.39-3 (low)