Author: nion
Date: 2010-06-20 12:08:54 +0000 (Sun, 20 Jun 2010)
New Revision: 14887
Modified:
data/CVE/list
Log:
adjusting impact of CVE-2010-1648/CVE-2010-1647, we usually use low for web
related issues with this kind of impact
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-06-19 22:40:58 UTC (rev 14886)
+++ data/CVE/list 2010-06-20 12:08:54 UTC (rev 14887)
@@ -1640,10 +1640,10 @@
CVE-2010-1649 (Multiple cross-site scripting (XSS) vulnerabilities in the back
end in ...)
NOT-FOR-US: Joomla
CVE-2010-1648 (Cross-site request forgery (CSRF) vulnerability in the login
interface ...)
- - mediawiki <unfixed> (bug #585918; medium)
+ - mediawiki <unfixed> (bug #585918; low)
NOTE:
http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-May/000091.html
CVE-2010-1647 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.15
before ...)
- - mediawiki <unfixed> (bug #585918; medium)
+ - mediawiki <unfixed> (bug #585918; low)
NOTE:
http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-May/000091.html
CVE-2010-1646 (The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22
and ...)
{DSA-2062-1}
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
