[Secure-testing-commits] r17709 - data/CVE
Luciano Bello
luciano at alioth.debian.org
Tue Nov 29 18:46:46 UTC 2011
Author: luciano
Date: 2011-11-29 18:46:46 +0000 (Tue, 29 Nov 2011)
New Revision: 17709
Modified:
data/CVE/list
Log:
mediawiki and mojarra issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-11-29 18:06:56 UTC (rev 17708)
+++ data/CVE/list 2011-11-29 18:46:46 UTC (rev 17709)
@@ -1,8 +1,8 @@
CVE-2011-XXXX [page titles on private wikis]
- - mediawiki <unfixed>
+ - mediawiki <unfixed> (bug #650434)
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-November/000104.html
CVE-2011-XXXX [lack of read permission checks]
- - mediawiki <unfixed>
+ - mediawiki <unfixed> (bug #650434)
NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-November/000104.html
CVE-2011-4558
RESERVED
@@ -495,10 +495,12 @@
RESERVED
CVE-2011-4360
RESERVED
-CVE-2011-4359
+CVE-2011-4359 [MyFaces - includeViewParameters re-evaluates param/model values as EL expressions]
RESERVED
-CVE-2011-4358
+ NOT-FOR-US: Apache MyFaces
+CVE-2011-4358 [Mojarra - includeViewParameters re-evaluates param/model values as EL expressions]
RESERVED
+ - mojarra <unfixed> (bug #650430)
CVE-2011-4357 [clearsilver format string issue]
RESERVED
- clearsilver <unfixed> (bug #649322)
More information about the Secure-testing-commits
mailing list