[Git][security-tracker-team/security-tracker][master] tinymce removed from unstable

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f359f43c by Salvatore Bonaccorso at 2020-12-14T22:54:49+01:00
tinymce removed from unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31686,7 +31686,7 @@ CVE-2020-17482 (An issue has been found in PowerDNS Authoritative Server before
 CVE-2020-17481
 	RESERVED
 CVE-2020-17480 (TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parse ...)
-	- tinymce <unfixed> (bug #972642)
+	- tinymce <removed> (bug #972642)
 	[buster] - tinymce <no-dsa> (Minor issue)
 	[stretch] - tinymce <no-dsa> (Minor issue)
 	NOTE: https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95
@@ -44036,7 +44036,7 @@ CVE-2020-12650
 CVE-2020-12649 (Gurbalib through 2020-04-30 allows lib/cmds/player/help.c directory tr ...)
 	NOT-FOR-US: Gurbalib
 CVE-2020-12648 (A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1 and earlie ...)
-	- tinymce <unfixed> (bug #972642)
+	- tinymce <removed> (bug #972642)
 	[buster] - tinymce <no-dsa> (Minor issue)
 	[stretch] - tinymce <ignored> (Vulnerable code not present and not reproducible)
 	NOTE: https://labs.bishopfox.com/advisories/tinymce-version-5.2.1
@@ -107275,7 +107275,7 @@ CVE-2019-1010093
 CVE-2019-1010092
 	RESERVED
 CVE-2019-1010091 (tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization ...)
-	- tinymce <unfixed> (bug #970256)
+	- tinymce <removed> (bug #970256)
 	[buster] - tinymce <no-dsa> (Minor issue)
 	[stretch] - tinymce <ignored> (Minor issue, can't reproduce)
 	[jessie] - tinymce <ignored> (Minor issue, requires manually copy/pasting javascript to execute it, can't reproduce on Jessie)
@@ -347431,7 +347431,7 @@ CVE-2012-4232 (SQL injection vulnerability in admin/index.php in jCore before 1.
 CVE-2012-4231 (Cross-site scripting (XSS) vulnerability in admin/index.php in jCore b ...)
 	NOT-FOR-US: jCore
 CVE-2012-4230 (The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the TinyM ...)
-	- tinymce <unfixed> (low; bug #796117)
+	- tinymce <removed> (low; bug #796117)
 	[buster] - tinymce <no-dsa> (Minor issue)
 	[stretch] - tinymce <no-dsa> (Minor issue)
 	[jessie] - tinymce <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f359f43c0787f32a9aef55385ca3c50f65a65119

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f359f43c0787f32a9aef55385ca3c50f65a65119
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201214/6f64e2fd/attachment.html>