[Secure-testing-commits] r43010 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Jul 5 07:53:01 UTC 2016
Author: jmm
Date: 2016-07-05 07:53:01 +0000 (Tue, 05 Jul 2016)
New Revision: 43010
Modified:
data/CVE/list
Log:
mediawiki back in the archive:
the latest 1.25 release isn't included yet since it was
in NEW, but it will be updated to the new 1.27 LTS series soon
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-05 07:49:37 UTC (rev 43009)
+++ data/CVE/list 2016-07-05 07:53:01 UTC (rev 43010)
@@ -3665,7 +3665,7 @@
NOTE: Fixed in PHP 7.0.0, 5.6.12, 5.5.28, 5.4.44
NOTE: PHP bug: https://bugs.php.net/bug.php?id=70121
CVE-2016-XXXX [mediawiki issues from 1.26.3, 1.25.6 and 1.23.14]
- - mediawiki <removed>
+ - mediawiki <unfixed>
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-May/000188.html
CVE-2016-4952 [scsi: pvscsi: out-of-bounds access issue in pvsci_ring_init_msg/data routines]
@@ -16316,19 +16316,19 @@
NOTE: Introduced at least after: https://github.com/tatsuhiro-t/nghttp2/commit/b2fb888363c08e98aae0638db62cdf7d164ea1d1
CVE-2015-8628
RESERVED
- - mediawiki <removed> (low)
+ - mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T109724
CVE-2015-8627
RESERVED
- - mediawiki <removed> (low)
+ - mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T97897
CVE-2015-8626
RESERVED
- - mediawiki <removed> (low)
+ - mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T115522
@@ -16338,19 +16338,19 @@
NOTE: https://phabricator.wikimedia.org/T118032
CVE-2015-8624
RESERVED
- - mediawiki <removed> (low)
+ - mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T119309
CVE-2015-8623
RESERVED
- - mediawiki <removed> (low)
+ - mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://gerrit.wikimedia.org/r/#/c/156336/5/includes/User.php
CVE-2015-8622 [XSS from wikitext]
RESERVED
- - mediawiki <removed> (low)
+ - mediawiki 1:1.25.5-1 (low)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T117899
@@ -20664,27 +20664,27 @@
NOTE: http://pkgs.fedoraproject.org/cgit/xscreensaver.git/plain/xscreensaver-5.33-0002-Modify-sigchld_hander-in_signal_hander_p-mechanism.patch?id=b57f59f3482fedf70ce7a3541094e2512290139f
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1274452
CVE-2015-8005 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before ...)
- - mediawiki <removed>
+ - mediawiki 1:1.25.5-1
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T108616
CVE-2015-8004 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before ...)
- - mediawiki <removed>
+ - mediawiki 1:1.25.5-1
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T95589
CVE-2015-8003 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before ...)
- - mediawiki <removed>
+ - mediawiki 1:1.25.5-1
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T91850
CVE-2015-8002 (The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x ...)
- - mediawiki <removed>
+ - mediawiki 1:1.25.5-1
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T91205
CVE-2015-8001 (The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x ...)
- - mediawiki <removed>
+ - mediawiki 1:1.25.5-1
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T91203
@@ -26234,7 +26234,7 @@
NOTE: https://phabricator.wikimedia.org/T103765
NOTE: https://phabricator.wikimedia.org/T103765
CVE-2015-6730 (Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki ...)
- - mediawiki <removed> (bug #799096)
+ - mediawiki 1:1.25.5-1 (bug #799096)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T97391
@@ -26242,18 +26242,18 @@
- mediawiki <not-affected> (Introduced in 1.21)
NOTE: https://phabricator.wikimedia.org/T97391
CVE-2015-6728 (The ApiBase::getWatchlistUser function in MediaWiki before 1.23.10, ...)
- - mediawiki <removed> (bug #799096)
+ - mediawiki 1:1.25.5-1 (bug #799096)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T94116
CVE-2013-7444 (The Special:Contributions page in MediaWiki before 1.22.0 allows ...)
- - mediawiki <removed> (bug #799096)
+ - mediawiki 1:1.25.5-1 (bug #799096)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T106893
NOTE: https://github.com/wikimedia/mediawiki/commit/dc2966bd05b69321300c63fd0bd78e7c78ecea6e
CVE-2015-6727 (The Special:DeletedContributions page in MediaWiki before 1.23.10, ...)
- - mediawiki <removed> (bug #799096)
+ - mediawiki 1:1.25.5-1 (bug #799096)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T106893
More information about the Secure-testing-commits
mailing list