thr3ads.net - Secure testing commits - [Secure-testing-commits] r12417

If this information is useful, please help other people find it:
Share via:

Nico Golde

2009-Jul-26 16:17 UTC

[Secure-testing-commits] r12417 - in data: CVE NMU

Author: nion
Date: 2009-07-26 16:17:55 +0000 (Sun, 26 Jul 2009)
New Revision: 12417

Modified:
   data/CVE/list
   data/NMU/list
Log:
mediawiki xss fixed in 1:1.15.0-1.1, unlike the bug states this is only one
issue

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-07-26 15:11:04 UTC (rev 12416)
+++ data/CVE/list	2009-07-26 16:17:55 UTC (rev 12417)
@@ -210,8 +210,8 @@
 	RESERVED
 CVE-2009-2492 (Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six
Apart ...)
 	- movabletype-opensource 4.2.6.1-1 (low; bug #537935) 
-CVE-2009-XXXX [mediawiki: multiple vulnerabilities]
-	- mediawiki <unfixed> (medium; bug #537634)
+CVE-2009-XXXX [mediawiki: XSS via specialblock]
+	- mediawiki 1:1.15.0-1.1 (low; bug #537634)
 	[etch] - mediawiki <not-affected> (vulnerably code introduced in 1.14.0)
 	[lenny] - mediawiki <not-affected> (vulnerably code introduced in
1.14.0)
 	NOTE: fixed in upstream 1.15.1

Modified: data/NMU/list
==================================================================---
data/NMU/list	2009-07-26 15:11:04 UTC (rev 12416)
+++ data/NMU/list	2009-07-26 16:17:55 UTC (rev 12417)
@@ -159,3 +159,4 @@
 2009-07-06 drupal6 6.12-1.1
 2009-07-11 sork-passwd-h3 3.1-1.1
 2009-07-24 pulseaudio 0.9.15-4.1
+2009-07-26 mediawiki 1:1.15.0-1.1

Secure testing commits - Jul 2009 - r12417 - in data: CVE NMU

[Secure-testing-commits] r12417 - in data: CVE NMU