[Secure-testing-commits] r36347 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Aug 27 19:54:35 UTC 2015


Author: carnil
Date: 2015-08-27 19:54:35 +0000 (Thu, 27 Aug 2015)
New Revision: 36347

Modified:
   data/CVE/list
Log:
Add CVEs for mediawiki. Add back TODO item to recheck each individual CVE

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-08-27 18:42:15 UTC (rev 36346)
+++ data/CVE/list	2015-08-27 19:54:35 UTC (rev 36347)
@@ -1560,12 +1560,96 @@
 	[squeeze] - openssh <no-dsa> (Minor issue)
 	NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=5e75f5198769056089fb06c4d738ab0e5abc66f7
 	NOTE: http://www.openwall.com/lists/oss-security/2015/08/11/9
-CVE-2015-XXXX [Mediawiki Security and Maintenance Releases: 1.25.2, 1.24.3, 1.23.10]
+CVE-2015-6737
 	- mediawiki <unfixed>
 	[jessie] - mediawiki <no-dsa> (Minor issues)
 	[wheezy] - mediawiki <no-dsa> (Minor issues)
 	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/12/6
+	NOTE: https://phabricator.wikimedia.org/T88964
+	TODO: recheck after CVE assignment
+CVE-2015-6736
+	- mediawiki <unfixed>
+	[jessie] - mediawiki <no-dsa> (Minor issues)
+	[wheezy] - mediawiki <no-dsa> (Minor issues)
+	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
+	NOTE: https://phabricator.wikimedia.org/T97083
+	TODO: recheck after CVE assignment
+CVE-2015-6735
+	- mediawiki <unfixed>
+	[jessie] - mediawiki <no-dsa> (Minor issues)
+	[wheezy] - mediawiki <no-dsa> (Minor issues)
+	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
+	NOTE: https://phabricator.wikimedia.org/T100211
+	TODO: recheck after CVE assignment
+CVE-2015-6734
+	- mediawiki <unfixed>
+	[jessie] - mediawiki <no-dsa> (Minor issues)
+	[wheezy] - mediawiki <no-dsa> (Minor issues)
+	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
+	NOTE: https://phabricator.wikimedia.org/T108198
+	TODO: recheck after CVE assignment
+CVE-2015-6733
+	- mediawiki <unfixed>
+	[jessie] - mediawiki <no-dsa> (Minor issues)
+	[wheezy] - mediawiki <no-dsa> (Minor issues)
+	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
+	NOTE: https://phabricator.wikimedia.org/T108198
+	TODO: recheck after CVE assignment
+CVE-2015-6732
+	- mediawiki <unfixed>
+	[jessie] - mediawiki <no-dsa> (Minor issues)
+	[wheezy] - mediawiki <no-dsa> (Minor issues)
+	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
+	NOTE: https://phabricator.wikimedia.org/T103391
+	NOTE: https://phabricator.wikimedia.org/T103765
+	NOTE: https://phabricator.wikimedia.org/T103765
+	TODO: recheck after CVE assignment
+CVE-2015-6731
+	- mediawiki <unfixed>
+	[jessie] - mediawiki <no-dsa> (Minor issues)
+	[wheezy] - mediawiki <no-dsa> (Minor issues)
+	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
+	NOTE: https://phabricator.wikimedia.org/T103391
+	NOTE: https://phabricator.wikimedia.org/T103765
+	NOTE: https://phabricator.wikimedia.org/T103765
+	TODO: recheck after CVE assignment
+CVE-2015-6730
+	- mediawiki <unfixed>
+	[jessie] - mediawiki <no-dsa> (Minor issues)
+	[wheezy] - mediawiki <no-dsa> (Minor issues)
+	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
+	NOTE: https://phabricator.wikimedia.org/T97391
+	TODO: recheck after CVE assignment
+CVE-2015-6729
+	- mediawiki <unfixed>
+	[jessie] - mediawiki <no-dsa> (Minor issues)
+	[wheezy] - mediawiki <no-dsa> (Minor issues)
+	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
+	NOTE: https://phabricator.wikimedia.org/T97391
+	TODO: recheck after CVE assignment
+CVE-2015-6728
+	- mediawiki <unfixed>
+	[jessie] - mediawiki <no-dsa> (Minor issues)
+	[wheezy] - mediawiki <no-dsa> (Minor issues)
+	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
+	NOTE: https://phabricator.wikimedia.org/T94116
+	TODO: recheck after CVE assignment
+CVE-2013-7444
+	- mediawiki <unfixed>
+	[jessie] - mediawiki <no-dsa> (Minor issues)
+	[wheezy] - mediawiki <no-dsa> (Minor issues)
+	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
+	NOTE: https://phabricator.wikimedia.org/T106893
+	NOTE: https://github.com/wikimedia/mediawiki/commit/dc2966bd05b69321300c63fd0bd78e7c78ecea6e
+	TODO: recheck after CVE assignment
+CVE-2015-6727
+	- mediawiki <unfixed>
+	[jessie] - mediawiki <no-dsa> (Minor issues)
+	[wheezy] - mediawiki <no-dsa> (Minor issues)
+	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
+	NOTE: https://phabricator.wikimedia.org/T106893
+	NOTE: https://github.com/wikimedia/mediawiki/commit/5faabfa1bbf65536ea36108887040198afcb3c82
+	TODO: recheck after CVE assignment
 CVE-2015-5964 (The (1) contrib.sessions.backends.base.SessionBase.flush and (2) ...)
 	{DSA-3338-1 DLA-301-1}
 	- python-django <unfixed> (bug #796104)




More information about the Secure-testing-commits mailing list