[Git][security-tracker-team/security-tracker][master] mediawiki DSA
Moritz Muehlenhoff
jmm at debian.org
Fri Sep 25 18:40:40 BST 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ea7fcf1b by Moritz Muehlenhoff at 2020-09-25T19:39:38+02:00
mediawiki DSA
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -23284,7 +23284,6 @@ CVE-2020-15006 (Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG do
NOT-FOR-US: Bludit
CVE-2020-15005 (In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34. ...)
- mediawiki 1:1.31.8-1
- [buster] - mediawiki <postponed> (Minor issue)
[stretch] - mediawiki <postponed> (Minor issue)
NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-June/093535.html
CVE-2020-15004
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[25 Sep 2020] DSA-4767-1 mediawiki - security update
+ {CVE-2020-15005 CVE-2020-17367 CVE-2020-17368 CVE-2020-25689 CVE-2020-25812 CVE-2020-25813 CVE-2020-25814 CVE-2020-25827 CVE-2020-25828}
+ [buster] - mediawiki 1:1.31.10-1~deb10u1
[24 Sep 2020] DSA-4766-1 rails - security update
{CVE-2020-8162 CVE-2020-8164 CVE-2020-8165 CVE-2020-8166 CVE-2020-8167 CVE-2020-15169}
[buster] - rails 2:5.2.2.1+dfsg-1+deb10u2
=====================================
data/dsa-needed.txt
=====================================
@@ -28,8 +28,6 @@ libuv1
linux (carnil)
Wait until more issues have piled up
--
-mediawiki (jmm)
---
netty
--
python-flask-cors
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea7fcf1b63e0ed3ede31ff7c6938975d1a5b220d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea7fcf1b63e0ed3ede31ff7c6938975d1a5b220d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200925/5bb38046/attachment.html>
More information about the debian-security-tracker-commits
mailing list