thr3ads.net - Secure testing commits - [Secure-testing-commits] r17821

If this information is useful, please help other people find it:
Share via:

Joey Hess

2011-Dec-19 09:14 UTC

[Secure-testing-commits] r17821 - data/CVE

Author: joeyh
Date: 2011-12-19 09:14:21 +0000 (Mon, 19 Dec 2011)
New Revision: 17821

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-12-19 08:01:51 UTC (rev 17820)
+++ data/CVE/list	2011-12-19 09:14:21 UTC (rev 17821)
@@ -1573,10 +1573,12 @@
 	NOTE: the announcement says that the debian package is not affected, but there
are no additional patches that would cause different behavior (i.e. the
base64_reverse_table is the same in debian and upstream), so if upstream is
affected, so too is the debian package
 CVE-2011-4361 [lack of read permission checks]
 	RESERVED
+	{DSA-2366-1}
 	- mediawiki 1:1.15.5-4 (bug #650434)
 	NOTE:
http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-November/000104.html
 CVE-2011-4360 [page titles on private wikis]
 	RESERVED
+	{DSA-2366-1}
 	- mediawiki 1:1.15.5-4 (bug #650434)
 	NOTE:
http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-November/000104.html
 CVE-2011-4359 [MyFaces - includeViewParameters re-evaluates param/model values
as EL expressions]
@@ -9568,6 +9570,7 @@
 	- thunar <not-affected> (Introduced in 1.2, only in experimental)
 	NOTE:
http://git.xfce.org/xfce/thunar/diff/?id=03dd312e157d4fa8a11d5fa402706ae5b05806fa
 CVE-2011-1587 (Cross-site scripting (XSS) vulnerability in MediaWiki before
1.16.4, ...)
+	{DSA-2366-1}
 	- mediawiki 1:1.15.5-5
 CVE-2011-1586 (Directory traversal vulnerability in the ...)
 	- kdenetwork <unfixed>
@@ -9592,10 +9595,13 @@
 	[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.36)
 	[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.36)
 CVE-2011-1580 (The transwiki import functionality in MediaWiki before 1.16.3
does not ...)
+	{DSA-2366-1}
 	- mediawiki 1:1.15.5-5
 CVE-2011-1579 (The checkCss function in includes/Sanitizer.php in the wikitext
parser ...)
+	{DSA-2366-1}
 	- mediawiki 1:1.15.5-5
 CVE-2011-1578 (Cross-site scripting (XSS) vulnerability in MediaWiki before
1.16.3, ...)
+	{DSA-2366-1}
 	- mediawiki 1:1.15.5-5
 CVE-2011-1577 (Heap-based buffer overflow in the is_gpt_valid function in ...)
 	{DSA-2264-1}

Secure testing commits - Dec 2011 - r17821 - data/CVE

[Secure-testing-commits] r17821 - data/CVE