Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker
Commits: 82a98030 by Roberto C. Sánchez at 2020-12-22T20:11:54-05:00 LTS: CVE-2020-15005/mediawiki will be fixed - - - - - ffc529a3 by Roberto C. Sánchez at 2020-12-22T20:29:56-05:00 Reserve DLA-2504-1 for mediawiki - - - - - 3 changed files: - data/CVE/list - data/DLA/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -41021,7 +41021,6 @@ CVE-2020-15006 (Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG do CVE-2020-15005 (In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34. ...) {DSA-4767-1} - mediawiki 1:1.31.8-1 - [stretch] - mediawiki <postponed> (Minor issue) NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-June/093535.html CVE-2020-15004 (OX App Suite through 7.10.3 allows stats/diagnostic?param= XSS. ...) NOT-FOR-US: Open-Xchange App Suite ===================================== data/DLA/list ===================================== @@ -1,3 +1,6 @@ +[22 Dec 2020] DLA-2504-1 mediawiki - security update + {CVE-2020-15005 CVE-2020-35477 CVE-2020-35479 CVE-2020-35480} + [stretch] - mediawiki 1:1.27.7-1~deb9u7 [22 Dec 2020] DLA-2412-2 openjdk-8 - regression update [stretch] - openjdk-8 8u275-b01-1~deb9u1 [21 Dec 2020] DLA-2503-1 node-ini - security update ===================================== data/dla-needed.txt ===================================== @@ -91,8 +91,6 @@ mariadb-10.1 (Adrian Bunk) NOTE: 20201207: still ongoing (bunk) NOTE: 20201220: debugging test failure in local build (bunk) -- -mediawiki (Roberto C. Sánchez) --- mumble NOTE: 20200325: Regression in last upload, forgot to follow up. NOTE: 20200325: https://github.com/mumble-voip/mumble/issues/3605 (abhijith) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/45060b59935ed05698d9d6ab7bb2bfe4e014be4c...ffc529a3709ee9860c8640dc796bbfff4f9029c1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/45060b59935ed05698d9d6ab7bb2bfe4e014be4c...ffc529a3709ee9860c8640dc796bbfff4f9029c1 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits