[Git][security-tracker-team/security-tracker][master] fixup CVE-2020-25869 vs CVE-2020-25689, Phab task got fixed with the correct ID

Mon, 28 Sep 2020 06:19:05 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9c4b9540 by Moritz Muehlenhoff at 2020-09-28T15:17:55+02:00
fixup CVE-2020-25869 vs CVE-2020-25689, Phab task got fixed with the correct ID

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -527,8 +527,11 @@ CVE-2020-25871
 CVE-2020-25870
        RESERVED
 CVE-2020-25869 (An information leak was discovered in MediaWiki before 1.31.10 
and 1.3 ...)
-       TODO: check
-       NOTE: Typo/mixup in CVE assignment with CVE-2020-25689, clarifying
+       NOT-FOR-US: CentralAuth MediaWiki extension
+       NOTE: The extension requires some new infrastructure code which was 
added to the
+       NOTE: MediaWiki 1.31.9 / 1.34.3 security releases announced at
+       NOTE: 
https://lists.wikimedia.org/pipermail/wikitech-l/2020-September/093888.html
+       NOTE: https://phabricator.wikimedia.org/T260485
 CVE-2020-25868
        RESERVED
 CVE-2020-25867
@@ -953,12 +956,6 @@ CVE-2020-25690
        RESERVED
 CVE-2020-25689
        RESERVED
-       {DSA-4767-1}
-       NOT-FOR-US: CentralAuth MediaWiki extension
-       NOTE: The extension requires some new infrastructure code which was 
added to the
-       NOTE: MediaWiki 1.31.9 / 1.34.3 security releases announced at
-       NOTE: 
https://lists.wikimedia.org/pipermail/wikitech-l/2020-September/093888.html
-       NOTE: https://phabricator.wikimedia.org/T260485
 CVE-2020-25688
        RESERVED
 CVE-2020-25687


=====================================
data/DSA/list
=====================================
@@ -1,5 +1,5 @@
 [25 Sep 2020] DSA-4767-1 mediawiki - security update
-       {CVE-2020-15005 CVE-2020-17367 CVE-2020-17368 CVE-2020-25689 
CVE-2020-25812 CVE-2020-25813 CVE-2020-25814 CVE-2020-25827 CVE-2020-25828}
+       {CVE-2020-15005 CVE-2020-17367 CVE-2020-17368 CVE-2020-25812 
CVE-2020-25813 CVE-2020-25814 CVE-2020-25827 CVE-2020-25828}
        [buster] - mediawiki 1:1.31.10-1~deb10u1
 [24 Sep 2020] DSA-4766-1 rails - security update
        {CVE-2020-8162 CVE-2020-8164 CVE-2020-8165 CVE-2020-8166 CVE-2020-8167 
CVE-2020-15169}



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c4b954022481ab8deef016c9941eb1393a156a1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c4b954022481ab8deef016c9941eb1393a156a1
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to