[Secure-testing-commits] r36699 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Sep 15 20:03:02 UTC 2015
Author: carnil
Date: 2015-09-15 20:03:02 +0000 (Tue, 15 Sep 2015)
New Revision: 36699
Modified:
data/CVE/list
Log:
Mark CVE-2015-6737 as NFU
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-09-15 20:00:50 UTC (rev 36698)
+++ data/CVE/list 2015-09-15 20:03:02 UTC (rev 36699)
@@ -2221,12 +2221,8 @@
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=5e75f5198769056089fb06c4d738ab0e5abc66f7
NOTE: http://www.openwall.com/lists/oss-security/2015/08/11/9
CVE-2015-6737 (Cross-site scripting (XSS) vulnerability in the Widgets extension for ...)
- - mediawiki <unfixed>
- [jessie] - mediawiki <no-dsa> (Minor issues)
- [wheezy] - mediawiki <no-dsa> (Minor issues)
- [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
+ NOT-FOR-US: Widgets extension for MediaWiki
NOTE: https://phabricator.wikimedia.org/T88964
- TODO: recheck after CVE assignment, in extension rather than mediawiki core
CVE-2015-6736 (The Quiz extension for MediaWiki allows remote attackers to cause a ...)
NOT-FOR-US: Quiz extension for MediaWiki
NOTE: https://phabricator.wikimedia.org/T97083
More information about the Secure-testing-commits
mailing list