[Secure-testing-commits] r20062 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Fri Aug 31 08:31:36 UTC 2012
Author: jmm
Date: 2012-08-31 08:31:36 +0000 (Fri, 31 Aug 2012)
New Revision: 20062
Modified:
data/CVE/list
Log:
new mediawiki issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-08-31 08:00:30 UTC (rev 20061)
+++ data/CVE/list 2012-08-31 08:31:36 UTC (rev 20062)
@@ -1,3 +1,22 @@
+CVE-2012-XXXX [mediawiki stored XSS]
+ - mediawiki <unfixed> (bug #686330)
+ [squeeze] - mediawiki <not-affected> (Introduced in 1.16)
+ NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=39700
+CVE-2012-XXXX [DOM-based XSS]
+ - mediawiki <unfixed> (bug #686330)
+ NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=37587
+CVE-2012-XXXX [CSRF]
+ - mediawiki <unfixed> (bug #686330)
+ NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=39180
+CVE-2012-XXXX [Insufficient API for account creation block]
+ - mediawiki <unfixed> (bug #686330)
+ NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=39824
+CVE-2012-XXXX [Passwords were stored in local DB even if auth systems like LDAP were used]
+ - mediawiki <unfixed> (bug #686330)
+ NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=39184
+CVE-2012-XXXX [Info leak in user blocks]
+ - mediawiki <unfixed> (bug #686330)
+ NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=39823
CVE-2012-XXXX
- juju 0.5.1-2 (bug #685728)
CVE-2012-4681 (Oracle Java 7 Update 6, and possibly other versions, allows remote ...)
More information about the Secure-testing-commits
mailing list