[Secure-testing-commits] r38414 - data/CVE

Fri Dec 18 13:38:15 UTC 2015

Author: carnil
Date: 2015-12-18 13:38:15 +0000 (Fri, 18 Dec 2015)
New Revision: 38414

Modified:
   data/CVE/list
Log:
mediawiki removed from unstable

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2015-12-18 13:21:20 UTC (rev 38413)
+++ data/CVE/list	2015-12-18 13:38:15 UTC (rev 38414)
@@ -3434,31 +3434,31 @@
 	NOTE: http://pkgs.fedoraproject.org/cgit/xscreensaver.git/plain/xscreensaver-5.33-0002-Modify-sigchld_hander-in_signal_hander_p-mechanism.patch?id=b57f59f3482fedf70ce7a3541094e2512290139f
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1274452
 CVE-2015-8005 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before ...)
-	- mediawiki <unfixed>
+	- mediawiki <removed>
 	[jessie] - mediawiki <no-dsa> (Minor issues)
 	[wheezy] - mediawiki <no-dsa> (Minor issues)
 	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
 	NOTE: https://phabricator.wikimedia.org/T108616
 CVE-2015-8004 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before ...)
-	- mediawiki <unfixed>
+	- mediawiki <removed>
 	[jessie] - mediawiki <no-dsa> (Minor issues)
 	[wheezy] - mediawiki <no-dsa> (Minor issues)
 	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
 	NOTE: https://phabricator.wikimedia.org/T95589
 CVE-2015-8003 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before ...)
-	- mediawiki <unfixed>
+	- mediawiki <removed>
 	[jessie] - mediawiki <no-dsa> (Minor issues)
 	[wheezy] - mediawiki <no-dsa> (Minor issues)
 	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
 	NOTE: https://phabricator.wikimedia.org/T91850
 CVE-2015-8002 (The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x ...)
-	- mediawiki <unfixed>
+	- mediawiki <removed>
 	[jessie] - mediawiki <no-dsa> (Minor issues)
 	[wheezy] - mediawiki <no-dsa> (Minor issues)
 	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
 	NOTE: https://phabricator.wikimedia.org/T91205
 CVE-2015-8001 (The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x ...)
-	- mediawiki <unfixed>
+	- mediawiki <removed>
 	[jessie] - mediawiki <no-dsa> (Minor issues)
 	[wheezy] - mediawiki <no-dsa> (Minor issues)
 	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
@@ -8763,7 +8763,7 @@
 	NOTE: https://phabricator.wikimedia.org/T103765
 	NOTE: https://phabricator.wikimedia.org/T103765
 CVE-2015-6730 (Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki ...)
-	- mediawiki <unfixed> (bug #799096)
+	- mediawiki <removed> (bug #799096)
 	[jessie] - mediawiki <no-dsa> (Minor issues)
 	[wheezy] - mediawiki <no-dsa> (Minor issues)
 	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
@@ -8772,20 +8772,20 @@
 	- mediawiki <not-affected> (Introduced in 1.21)
 	NOTE: https://phabricator.wikimedia.org/T97391
 CVE-2015-6728 (The ApiBase::getWatchlistUser function in MediaWiki before 1.23.10, ...)
-	- mediawiki <unfixed> (bug #799096)
+	- mediawiki <removed> (bug #799096)
 	[jessie] - mediawiki <no-dsa> (Minor issues)
 	[wheezy] - mediawiki <no-dsa> (Minor issues)
 	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
 	NOTE: https://phabricator.wikimedia.org/T94116
 CVE-2013-7444 (The Special:Contributions page in MediaWiki before 1.22.0 allows ...)
-	- mediawiki <unfixed> (bug #799096)
+	- mediawiki <removed> (bug #799096)
 	[jessie] - mediawiki <no-dsa> (Minor issues)
 	[wheezy] - mediawiki <no-dsa> (Minor issues)
 	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
 	NOTE: https://phabricator.wikimedia.org/T106893
 	NOTE: https://github.com/wikimedia/mediawiki/commit/dc2966bd05b69321300c63fd0bd78e7c78ecea6e
 CVE-2015-6727 (The Special:DeletedContributions page in MediaWiki before 1.23.10, ...)
-	- mediawiki <unfixed> (bug #799096)
+	- mediawiki <removed> (bug #799096)
 	[jessie] - mediawiki <no-dsa> (Minor issues)
 	[wheezy] - mediawiki <no-dsa> (Minor issues)
 	[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
@@ -47865,7 +47865,7 @@
 	RESERVED
 CVE-2014-1686
 	RESERVED
-	- mediawiki <unfixed> (unimportant)
+	- mediawiki <removed> (unimportant)
 	NOTE: http://seclists.org/fulldisclosure/2014/Mar/102
 	NOTE: path disclosure not an issue
 CVE-2014-1685 (The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and ...)
@@ -162538,7 +162538,7 @@
 CVE-2007-0895 (Race condition in recursive directory deletion with the (1) -r or (2) ...)
 	NOT-FOR-US: Sun Solaris
 CVE-2007-0894 (MediaWiki before 1.9.2 allows remote attackers to obtain sensitive ...)
-	- mediawiki <unfixed> (unimportant)
+	- mediawiki <removed> (unimportant)
 	NOTE: Only path disclosure
 CVE-2007-0893 (Directory traversal vulnerability in phpMyVisites before 2.2 allows ...)
 	NOT-FOR-US: phpMyVisites


