[Secure-testing-commits] r31113 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Jan 4 04:14:00 UTC 2015
Author: carnil
Date: 2015-01-04 04:14:00 +0000 (Sun, 04 Jan 2015)
New Revision: 31113
Modified:
data/CVE/list
Log:
CVEs assigned for mediawiki
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-04 00:20:19 UTC (rev 31112)
+++ data/CVE/list 2015-01-04 04:14:00 UTC (rev 31113)
@@ -566,11 +566,11 @@
- json-glib <unfixed> (low; bug #772585)
[squeeze] - json-glib <not-affected> (Tool not yet present)
[wheezy] - json-glib <not-affected> (Tool not yet present)
-CVE-2014-XXXX [XSS]
+CVE-2014-9475 [XSS]
- mediawiki 1:1.19.20+dfsg-2.2 (bug #773654)
[squeeze] - mediawiki <end-of-life>
NOTE: https://phabricator.wikimedia.org/T76686 (still not public)
-CVE-2014-XXXX [Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains]
+CVE-2014-9476 [Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains]
- mediawiki <not-affected> (CORS support was added in 1.20)
NOTE: https://phabricator.wikimedia.org/T77028
CVE-2014-9419 (The __switch_to function in arch/x86/kernel/process_64.c in the Linux ...)
More information about the Secure-testing-commits
mailing list