[Secure-testing-commits] r26304 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Mar 28 05:20:58 UTC 2014
Author: carnil
Date: 2014-03-28 05:20:58 +0000 (Fri, 28 Mar 2014)
New Revision: 26304
Modified:
data/CVE/list
Log:
Add temporary item for mediawiki
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-03-28 05:18:42 UTC (rev 26303)
+++ data/CVE/list 2014-03-28 05:20:58 UTC (rev 26304)
@@ -1,3 +1,7 @@
+CVE-2014-XXXX [Login csrf in Special:ChangePassword]
+ - mediawiki <unfixed>
+ NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=62497
+ NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-March/000145.html
CVE-2014-2656 [arbitrary insertions of malicious data within cube parameter]
NOT-FOR-US: Hypercube
CVE-2014-2655 [postfixadmin sql injection]
More information about the Secure-testing-commits
mailing list