[Secure-testing-commits] r30894 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Dec 21 21:25:11 UTC 2014
Author: carnil
Date: 2014-12-21 21:25:11 +0000 (Sun, 21 Dec 2014)
New Revision: 30894
Modified:
data/CVE/list
Log:
Add bug reference for mediawiki issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-21 21:25:03 UTC (rev 30893)
+++ data/CVE/list 2014-12-21 21:25:11 UTC (rev 30894)
@@ -1,5 +1,5 @@
CVE-2014-XXXX [XSS]
- - mediawiki <unfixed>
+ - mediawiki <unfixed> (bug #773654)
NOTE: https://phabricator.wikimedia.org/T76686 (still not public)
CVE-2014-XXXX [Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains]
- mediawiki <not-affected> (CORS support was added in 1.20)
More information about the Secure-testing-commits
mailing list