[Git][security-tracker-team/security-tracker][master] Code affecting in CVE-2021-30154 is introduced by...

Abhijith PA abhijith at debian.org
Tue May 4 14:20:58 BST 2021



Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker


Commits:
26d7f9e7 by Abhijith PA at 2021-05-04T18:45:22+05:30
Code affecting in CVE-2021-30154 is introduced by https://phabricator.wikimedia.org/rMW2647cbc4a456b0154bdafe70386ae0ef04d997a1
which is done after 1.27x release. For CVE-2021-30157 rcfilters-filter-*-label messages are not present in 1.27

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4207,6 +4207,7 @@ CVE-2021-30158 (An issue was discovered in MediaWiki before 1.31.12 and 1.32.x t
 CVE-2021-30157 (An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through ...)
 	{DSA-4889-1}
 	- mediawiki 1:1.35.2-1
+	[stretch] - mediawiki <not-affected> (Vulnerable code not present)
 	NOTE: https://phabricator.wikimedia.org/T278058
 	NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/674085
 CVE-2021-30156 (An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through ...)
@@ -4221,6 +4222,7 @@ CVE-2021-30155 (An issue was discovered in MediaWiki before 1.31.12 and 1.32.x t
 CVE-2021-30154 (An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through ...)
 	{DSA-4889-1}
 	- mediawiki 1:1.35.2-1
+	[stretch] - mediawiki <not-affected> (Vulnerable code introduced later)
 	NOTE: https://phabricator.wikimedia.org/T278014
 	NOTE: https://gerrit.wikimedia.org/r/c/mediawiki/core/+/674083/
 CVE-2021-30153



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26d7f9e7e1488cf30bc961239917850f0471e65f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26d7f9e7e1488cf30bc961239917850f0471e65f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210504/0fcf3e73/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list