[Secure-testing-commits] r18131 - data/CVE

[Jonathan Wiltshire]

Author: jmw
Date: 2012-01-12 12:57:30 +0000 (Thu, 12 Jan 2012)
New Revision: 18131

Modified:
   data/CVE/list
Log:
update previous mediawiki cves

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-01-12 09:14:20 UTC (rev 18130)
+++ data/CVE/list	2012-01-12 12:57:30 UTC (rev 18131)
@@ -10064,7 +10064,7 @@
 	- mediawiki <not-affected> (Incomplete fix was never released for Debian, neither in sid, nor oldstable/stable)
 	NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=28534
 CVE-2011-1766 (includes/User.php in MediaWiki before 1.16.5, when ...)
-	- mediawiki <unfixed> 
+	- mediawiki <not-affected> (Vulnerable code not present, planned next upload will skip it)
 	[lenny] - mediawiki <not-affected> (Vulnerable code not present, introduced in 1.16.0)
 	[squeeze] - mediawiki <not-affected> (Vulnerable code not present, introduced in 1.16.0)
 	NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=28534
@@ -16155,7 +16155,7 @@
 	- piwik <itp> (bug #506933)
 CVE-2011-0003 (MediaWiki before 1.16.1, when user or site JavaScript or CSS is ...)
 	{DTSA-207-1}
-	- mediawiki <unfixed>
+	- mediawiki 1:1.15.5-2
 	[lenny] - mediawiki 1:1.12.0-2lenny7
 CVE-2011-0002 (libuser before 0.57 uses a cleartext password value of (1) !! or (2) x ...)
 	- libuser 1:0.56.9.dfsg.1-1.1 (bug #610034)