Author: jmm
Date: 2016-07-05 07:53:01 +0000 (Tue, 05 Jul 2016)
New Revision: 43010

Modified:
   data/CVE/list
Log:
mediawiki back in the archive:
the latest 1.25 release isn't included yet since it was
in NEW, but it will be updated to the new 1.27 LTS series soon


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-07-05 07:49:37 UTC (rev 43009)
+++ data/CVE/list       2016-07-05 07:53:01 UTC (rev 43010)
@@ -3665,7 +3665,7 @@
        NOTE: Fixed in PHP 7.0.0, 5.6.12, 5.5.28, 5.4.44
        NOTE: PHP bug: https://bugs.php.net/bug.php?id=70121
 CVE-2016-XXXX [mediawiki issues from 1.26.3, 1.25.6 and 1.23.14]
-       - mediawiki <removed>
+       - mediawiki <unfixed>
        [wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
        NOTE: 
https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-May/000188.html
 CVE-2016-4952 [scsi: pvscsi: out-of-bounds access issue in 
pvsci_ring_init_msg/data routines]
@@ -16316,19 +16316,19 @@
        NOTE: Introduced at least after: 
https://github.com/tatsuhiro-t/nghttp2/commit/b2fb888363c08e98aae0638db62cdf7d164ea1d1
 CVE-2015-8628
        RESERVED
-       - mediawiki <removed> (low)
+       - mediawiki 1:1.25.5-1 (low)
        [wheezy] - mediawiki <no-dsa> (Minor issue)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T109724
 CVE-2015-8627
        RESERVED
-       - mediawiki <removed> (low)
+       - mediawiki 1:1.25.5-1 (low)
        [wheezy] - mediawiki <no-dsa> (Minor issue)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T97897
 CVE-2015-8626
        RESERVED
-       - mediawiki <removed> (low)
+       - mediawiki 1:1.25.5-1 (low)
        [wheezy] - mediawiki <no-dsa> (Minor issue)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T115522
@@ -16338,19 +16338,19 @@
        NOTE: https://phabricator.wikimedia.org/T118032
 CVE-2015-8624
        RESERVED
-       - mediawiki <removed> (low)
+       - mediawiki 1:1.25.5-1 (low)
        [wheezy] - mediawiki <no-dsa> (Minor issue)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T119309
 CVE-2015-8623
        RESERVED
-       - mediawiki <removed> (low)
+       - mediawiki 1:1.25.5-1 (low)
        [wheezy] - mediawiki <no-dsa> (Minor issue)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://gerrit.wikimedia.org/r/#/c/156336/5/includes/User.php
 CVE-2015-8622 [XSS from wikitext]
        RESERVED
-       - mediawiki <removed> (low)
+       - mediawiki 1:1.25.5-1 (low)
        [wheezy] - mediawiki <no-dsa> (Minor issue)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T117899
@@ -20664,27 +20664,27 @@
        NOTE: 
http://pkgs.fedoraproject.org/cgit/xscreensaver.git/plain/xscreensaver-5.33-0002-Modify-sigchld_hander-in_signal_hander_p-mechanism.patch?id=b57f59f3482fedf70ce7a3541094e2512290139f
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1274452
 CVE-2015-8005 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x 
before ...)
-       - mediawiki <removed>
+       - mediawiki 1:1.25.5-1
        [wheezy] - mediawiki <no-dsa> (Minor issues)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T108616
 CVE-2015-8004 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x 
before ...)
-       - mediawiki <removed>
+       - mediawiki 1:1.25.5-1
        [wheezy] - mediawiki <no-dsa> (Minor issues)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T95589
 CVE-2015-8003 (MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x 
before ...)
-       - mediawiki <removed>
+       - mediawiki 1:1.25.5-1
        [wheezy] - mediawiki <no-dsa> (Minor issues)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T91850
 CVE-2015-8002 (The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 
1.24.x ...)
-       - mediawiki <removed>
+       - mediawiki 1:1.25.5-1
        [wheezy] - mediawiki <no-dsa> (Minor issues)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T91205
 CVE-2015-8001 (The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 
1.24.x ...)
-       - mediawiki <removed>
+       - mediawiki 1:1.25.5-1
        [wheezy] - mediawiki <no-dsa> (Minor issues)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T91203
@@ -26234,7 +26234,7 @@
        NOTE: https://phabricator.wikimedia.org/T103765
        NOTE: https://phabricator.wikimedia.org/T103765
 CVE-2015-6730 (Cross-site scripting (XSS) vulnerability in thumb.php in 
MediaWiki ...)
-       - mediawiki <removed> (bug #799096)
+       - mediawiki 1:1.25.5-1 (bug #799096)
        [wheezy] - mediawiki <no-dsa> (Minor issues)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T97391
@@ -26242,18 +26242,18 @@
        - mediawiki <not-affected> (Introduced in 1.21)
        NOTE: https://phabricator.wikimedia.org/T97391
 CVE-2015-6728 (The ApiBase::getWatchlistUser function in MediaWiki before 
1.23.10, ...)
-       - mediawiki <removed> (bug #799096)
+       - mediawiki 1:1.25.5-1 (bug #799096)
        [wheezy] - mediawiki <no-dsa> (Minor issues)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T94116
 CVE-2013-7444 (The Special:Contributions page in MediaWiki before 1.22.0 
allows ...)
-       - mediawiki <removed> (bug #799096)
+       - mediawiki 1:1.25.5-1 (bug #799096)
        [wheezy] - mediawiki <no-dsa> (Minor issues)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T106893
        NOTE: 
https://github.com/wikimedia/mediawiki/commit/dc2966bd05b69321300c63fd0bd78e7c78ecea6e
 CVE-2015-6727 (The Special:DeletedContributions page in MediaWiki before 
1.23.10, ...)
-       - mediawiki <removed> (bug #799096)
+       - mediawiki 1:1.25.5-1 (bug #799096)
        [wheezy] - mediawiki <no-dsa> (Minor issues)
        [squeeze] - mediawiki <end-of-life> (Not supported in Squeeze LTS)
        NOTE: https://phabricator.wikimedia.org/T106893


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to