[Secure-testing-commits] r30851 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Dec 20 05:00:46 UTC 2014
Author: carnil
Date: 2014-12-20 05:00:46 +0000 (Sat, 20 Dec 2014)
New Revision: 30851
Modified:
data/CVE/list
Log:
Add two new mediawiki issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-20 04:55:25 UTC (rev 30850)
+++ data/CVE/list 2014-12-20 05:00:46 UTC (rev 30851)
@@ -1,3 +1,9 @@
+CVE-2014-XXXX [XSS]
+ - mediawiki <unfixed>
+ NOTE: https://phabricator.wikimedia.org/T76686 (still not public)
+CVE-2014-XXXX [Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains]
+ - mediawiki <not-affected> (CORS support was added in 1.20)
+ NOTE: https://phabricator.wikimedia.org/T77028
CVE-2014-XXXX [x86_64: userspace address leak]
- linux <unfixed>
- linux-2.6 <removed>
More information about the Secure-testing-commits
mailing list