[Secure-testing-commits] r16625 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Thu May 5 06:49:51 UTC 2011
Author: jmm
Date: 2011-05-05 06:49:46 +0000 (Thu, 05 May 2011)
New Revision: 16625
Modified:
data/CVE/list
Log:
two new mediawiki issues, both not affecting stable/oldstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-05-04 21:15:14 UTC (rev 16624)
+++ data/CVE/list 2011-05-05 06:49:46 UTC (rev 16625)
@@ -1,3 +1,11 @@
+CVE-2011-XXXX [IE6 XSS protection was incomplete]
+ - mediawiki <not-affected> (Incomplete fix was never released for Debian, neither in sid, nor oldstable/stable)
+ NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=28534
+CVE-2011-XXXX [$wgBlockDisablesLogin insufficient]
+ - mediawiki <unfixed>
+ [lenny] - mediawiki <not-affected> (Vulnerable code not present, introduced in 1.16.0)
+ [squeeze] - mediawiki <not-affected> (Vulnerable code not present, introduced in 1.16.0)
+ NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=28534
CVE-2011-1867
RESERVED
CVE-2011-1866
More information about the Secure-testing-commits
mailing list