[Secure-testing-commits] r57661 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Nov 15 12:44:49 UTC 2017


Author: jmm
Date: 2017-11-15 12:44:48 +0000 (Wed, 15 Nov 2017)
New Revision: 57661

Modified:
   data/CVE/list
Log:
add upstream bugs for mediawiki issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-15 12:39:59 UTC (rev 57660)
+++ data/CVE/list	2017-11-15 12:44:48 UTC (rev 57661)
@@ -23181,26 +23181,33 @@
 CVE-2017-8815 (The language converter in MediaWiki before 1.27.4, 1.28.x before ...)
 	- mediawiki 1:1.27.4-1
 	NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
+ 	NOTE: https://phabricator.wikimedia.org/T119158
 CVE-2017-8814 (The language converter in MediaWiki before 1.27.4, 1.28.x before ...)
 	- mediawiki 1:1.27.4-1
 	NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
+	NOTE: https://phabricator.wikimedia.org/T124404
 CVE-2017-8813
 	REJECTED
 CVE-2017-8812 (MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 ...)
 	- mediawiki 1:1.27.4-1
 	NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
+	NOTE: https://phabricator.wikimedia.org/T125163
 CVE-2017-8811 (The implementation of raw message parameter expansion in MediaWiki ...)
 	- mediawiki 1:1.27.4-1
 	NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
+	NOTE: https://phabricator.wikimedia.org/T176247
 CVE-2017-8810 (MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before ...)
 	- mediawiki 1:1.27.4-1
 	NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
+	NOTE: https://phabricator.wikimedia.org/T134100
 CVE-2017-8809 (api.php in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x ...)
 	- mediawiki 1:1.27.4-1
 	NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
+	NOTE: https://phabricator.wikimedia.org/T128209
 CVE-2017-8808 (MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 ...)
 	- mediawiki 1:1.27.4-1
 	NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
+ 	NOTE: https://phabricator.wikimedia.org/T178451
 CVE-2017-8807 [Data leak - '-sfile' Stevedore transient objects]
 	RESERVED
 	- varnish <unfixed> (bug #881808)




More information about the Secure-testing-commits mailing list