thr3ads.net - Secure testing commits - [Secure-testing-commits] r11073

If this information is useful, please help other people find it:
Share via:

white at alioth.debian.org

2009-Jan-28 17:05 UTC

[Secure-testing-commits] r11073 - in data: CVE DTSA NMU

Author: white
Date: 2009-01-28 17:05:35 +0000 (Wed, 28 Jan 2009)
New Revision: 11073

Modified:
   data/CVE/list
   data/DTSA/list
   data/NMU/list
Log:
Fix moin XSS issues in unstable/testing

Modified: data/CVE/list
==================================================================---
data/CVE/list	2009-01-28 16:56:28 UTC (rev 11072)
+++ data/CVE/list	2009-01-28 17:05:35 UTC (rev 11073)
@@ -4,7 +4,7 @@
 	- rt2570 1.1.0+cvs20080623-2 (bug #513001)
 	- rt73 1:1.0.3.6-cvs20080623-dfsg1-3 (bug #512995)
 CVE-2009-0312 [moin: XSS in antispam.py]
-	- moin <unfixed> (low)
+	- moin 1.8.1-1.1 (low)
 	NOTE: http://hg.moinmo.in/moin/1.7/rev/89b91bf87dad
 CVE-2009-0276
 	RESERVED
@@ -80,8 +80,7 @@
 CVE-2009-0261 (Stack-based buffer overflow in EffectMatrix Total Video Player
1.31 ...)
 	NOT-FOR-US: EffectMatrix Total Video Player
 CVE-2009-0260 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	- moin <unfixed> (bug #513158; low)
-	NOTE: version 1.8.1-1 in unstable vulnerable despite the CVE description
+	- moin 1.8.1-1.1 (bug #513158; low)
 CVE-2008-5964 (Session fixation vulnerability in Social ImpressCMS before 1.1.1
RC1 ...)
 	NOT-FOR-US: Social ImpressCMS
 CVE-2008-5963 (Eval injection vulnerability in library/setup/rpc.php in Gravity
...)

Modified: data/DTSA/list
==================================================================---
data/DTSA/list	2009-01-28 16:56:28 UTC (rev 11072)
+++ data/DTSA/list	2009-01-28 17:05:35 UTC (rev 11073)
@@ -557,3 +557,6 @@
 [January 25th, 2009] DTSA-186-1 mediawiki - several vulnerabilities
 	{CVE-2008-5249 CVE-2008-5250 CVE-2008-5252 CVE-2008-5687}
 	[lenny] - mediawiki 1:1.12.0-2lenny2
+[January 28th, 2009] DTSA-187-1 moin - cross-site scripting vulnerabilities
+	{CVE-2009-0260 CVE-2009-0312}
+	[lenny] - moin 1.7.1-3+lenny1

Modified: data/NMU/list
==================================================================---
data/NMU/list	2009-01-28 16:56:28 UTC (rev 11072)
+++ data/NMU/list	2009-01-28 17:05:35 UTC (rev 11073)
@@ -134,3 +134,4 @@
 2008-12-10 awstats 6.7.dfsg-5.1
 2008-12-24 screenie 1.30.0-5.1
 2009-01-15 uw-imap 2007b~dfsg-1.1
+2009-01-28 moin 1.8.1-1.1

Secure testing commits - Jan 2009 - r11073 - in data: CVE DTSA NMU

[Secure-testing-commits] r11073 - in data: CVE DTSA NMU