Author: carnil
Date: 2016-06-04 14:18:42 +0000 (Sat, 04 Jun 2016)
New Revision: 42304
Modified:
data/CVE/list
Log:
mediawiki is now removed from jessie, remove no-dsa and end-of-life tagged
entries
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-04 07:56:45 UTC (rev 42303)
+++ data/CVE/list 2016-06-04 14:18:42 UTC (rev 42304)
@@ -1177,7 +1177,6 @@
NOTE: PHP bug: https://bugs.php.net/bug.php?id=70121
CVE-2016-XXXX [mediawiki issues from 1.26.3, 1.25.6 and 1.23.14]
- mediawiki <removed>
- [jessie] - mediawiki <end-of-life> (Not supported after April 2016)
[wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE:
https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-May/000188.html
CVE-2016-4952 [scsi: pvscsi: out-of-bounds access issue in
pvsci_ring_init_msg/data routines]
@@ -13459,21 +13458,18 @@
CVE-2015-8628
RESERVED
- mediawiki <removed> (low)
- [jessie] - mediawiki <no-dsa> (Minor issue)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T109724
CVE-2015-8627
RESERVED
- mediawiki <removed> (low)
- [jessie] - mediawiki <no-dsa> (Minor issue)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T97897
CVE-2015-8626
RESERVED
- mediawiki <removed> (low)
- [jessie] - mediawiki <no-dsa> (Minor issue)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T115522
@@ -13484,21 +13480,18 @@
CVE-2015-8624
RESERVED
- mediawiki <removed> (low)
- [jessie] - mediawiki <no-dsa> (Minor issue)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T119309
CVE-2015-8623
RESERVED
- mediawiki <removed> (low)
- [jessie] - mediawiki <no-dsa> (Minor issue)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://gerrit.wikimedia.org/r/#/c/156336/5/includes/User.php
CVE-2015-8622 [XSS from wikitext]
RESERVED
- mediawiki <removed> (low)
- [jessie] - mediawiki <no-dsa> (Minor issue)
[wheezy] - mediawiki <no-dsa> (Minor issue)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T117899
@@ -17795,31 +17788,26 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1274452
CVE-2015-8005 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x
before ...)
- mediawiki <removed>
- [jessie] - mediawiki <no-dsa> (Minor issues)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T108616
CVE-2015-8004 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x
before ...)
- mediawiki <removed>
- [jessie] - mediawiki <no-dsa> (Minor issues)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T95589
CVE-2015-8003 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x
before ...)
- mediawiki <removed>
- [jessie] - mediawiki <no-dsa> (Minor issues)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T91850
CVE-2015-8002 (The chunked upload API (ApiUpload) in MediaWiki before 1.23.11,
1.24.x ...)
- mediawiki <removed>
- [jessie] - mediawiki <no-dsa> (Minor issues)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T91205
CVE-2015-8001 (The chunked upload API (ApiUpload) in MediaWiki before 1.23.11,
1.24.x ...)
- mediawiki <removed>
- [jessie] - mediawiki <no-dsa> (Minor issues)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T91203
@@ -23371,7 +23359,6 @@
NOTE: https://phabricator.wikimedia.org/T103765
CVE-2015-6730 (Cross-site scripting (XSS) vulnerability in thumb.php in
MediaWiki ...)
- mediawiki <removed> (bug #799096)
- [jessie] - mediawiki <no-dsa> (Minor issues)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T97391
@@ -23380,20 +23367,17 @@
NOTE: https://phabricator.wikimedia.org/T97391
CVE-2015-6728 (The ApiBase::getWatchlistUser function in MediaWiki before
1.23.10, ...)
- mediawiki <removed> (bug #799096)
- [jessie] - mediawiki <no-dsa> (Minor issues)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T94116
CVE-2013-7444 (The Special:Contributions page in MediaWiki before 1.22.0
allows ...)
- mediawiki <removed> (bug #799096)
- [jessie] - mediawiki <no-dsa> (Minor issues)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T106893
NOTE:
https://github.com/wikimedia/mediawiki/commit/dc2966bd05b69321300c63fd0bd78e7c78ecea6e
CVE-2015-6727 (The Special:DeletedContributions page in MediaWiki before
1.23.10, ...)
- mediawiki <removed> (bug #799096)
- [jessie] - mediawiki <no-dsa> (Minor issues)
[wheezy] - mediawiki <no-dsa> (Minor issues)
[squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://phabricator.wikimedia.org/T106893
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
