[Secure-testing-commits] r26367 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Mar 31 05:16:31 UTC 2014


Author: jmm
Date: 2014-03-31 05:16:31 +0000 (Mon, 31 Mar 2014)
New Revision: 26367

Modified:
   data/CVE/list
Log:
fix three mediawiki entries; these are for extensions not packaged in Debian



Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-03-31 05:14:06 UTC (rev 26366)
+++ data/CVE/list	2014-03-31 05:16:31 UTC (rev 26367)
@@ -12942,7 +12942,7 @@
 	NOT-FOR-US: Symantec Backup Exec
 CVE-2013-4574
 	RESERVED
-	- mediawiki <unfixed>
+	NOT-FOR-US: TimedMediaHandler mediawiki extension
 	NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=56699
 CVE-2013-4573 (Cross-site scripting (XSS) vulnerability in the ZeroRatedMobileAccess ...)
 	NOT-FOR-US: mediawiki extension ZeroRatedMobileAccess
@@ -12953,11 +12953,11 @@
 	NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=53032
 CVE-2013-4571
 	RESERVED
-	- mediawiki <unfixed>
+	NOT-FOR-US: php-luasandbox / Scribunto mediawiki extension
 	NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=49705
 CVE-2013-4570
 	RESERVED
-	- mediawiki <unfixed>
+	NOT-FOR-US: php-luasandbox / Scribunto mediawiki extension
 	NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=54527
 CVE-2013-4569 (The CleanChanges extension for MediaWiki before 1.19.9, 1.20.x before ...)
 	NOT-FOR-US: mediawiki extension CleanChanges




More information about the Secure-testing-commits mailing list