Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 697f55e9 by Moritz Muehlenhoff at 2020-03-26T23:34:36+01:00 new mediawiki issues - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -14,10 +14,17 @@ CVE-2020-10962 RESERVED CVE-2020-10961 RESERVED -CVE-2020-10960 +CVE-2020-10960 [mediawiki: makeCollapsible allows applying event handler to any CSS selector] RESERVED -CVE-2020-10959 + - mediawiki <unfixed> + [stretch] - mediawiki <not-affected> (Vulnerable code introduced later) + NOTE: https://phabricator.wikimedia.org/T246602 + NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-March/093243.html +CVE-2020-10959 [mediawiki: User content can redirect the logout button to different URL] RESERVED + - mediawiki <not-affected> (Vulnerable code introduced later) + NOTE: https://phabricator.wikimedia.org/T232932 + NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-March/093243.html CVE-2020-10958 RESERVED CVE-2020-10957 ===================================== data/dsa-needed.txt ===================================== @@ -19,6 +19,8 @@ libopenmpt linux (carnil) Wait until more issues have piled up -- +mediawiki (jmm) +-- mercurial/oldstable -- netkit-telnet View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/697f55e97774097ad9f2869c54e69958a81fed51 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/697f55e97774097ad9f2869c54e69958a81fed51 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits