[Secure-testing-commits] r17821 - data/CVE

Mon Dec 19 09:14:21 UTC 2011

Author: joeyh
Date: 2011-12-19 09:14:21 +0000 (Mon, 19 Dec 2011)
New Revision: 17821

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2011-12-19 08:01:51 UTC (rev 17820)
+++ data/CVE/list	2011-12-19 09:14:21 UTC (rev 17821)
@@ -1573,10 +1573,12 @@
 	NOTE: the announcement says that the debian package is not affected, but there are no additional patches that would cause different behavior (i.e. the base64_reverse_table is the same in debian and upstream), so if upstream is affected, so too is the debian package
 CVE-2011-4361 [lack of read permission checks]
 	RESERVED
+	{DSA-2366-1}
 	- mediawiki 1:1.15.5-4 (bug #650434)
 	NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-November/000104.html
 CVE-2011-4360 [page titles on private wikis]
 	RESERVED
+	{DSA-2366-1}
 	- mediawiki 1:1.15.5-4 (bug #650434)
 	NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-November/000104.html
 CVE-2011-4359 [MyFaces - includeViewParameters re-evaluates param/model values as EL expressions]
@@ -9568,6 +9570,7 @@
 	- thunar <not-affected> (Introduced in 1.2, only in experimental)
 	NOTE: http://git.xfce.org/xfce/thunar/diff/?id=03dd312e157d4fa8a11d5fa402706ae5b05806fa
 CVE-2011-1587 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, ...)
+	{DSA-2366-1}
 	- mediawiki 1:1.15.5-5
 CVE-2011-1586 (Directory traversal vulnerability in the ...)
 	- kdenetwork <unfixed>
@@ -9592,10 +9595,13 @@
 	[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.36)
 	[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.36)
 CVE-2011-1580 (The transwiki import functionality in MediaWiki before 1.16.3 does not ...)
+	{DSA-2366-1}
 	- mediawiki 1:1.15.5-5
 CVE-2011-1579 (The checkCss function in includes/Sanitizer.php in the wikitext parser ...)
+	{DSA-2366-1}
 	- mediawiki 1:1.15.5-5
 CVE-2011-1578 (Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, ...)
+	{DSA-2366-1}
 	- mediawiki 1:1.15.5-5
 CVE-2011-1577 (Heap-based buffer overflow in the is_gpt_valid function in ...)
 	{DSA-2264-1}


