Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
697f55e9 by Moritz Muehlenhoff at 2020-03-26T23:34:36+01:00
new mediawiki issues
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -14,10 +14,17 @@ CVE-2020-10962
RESERVED
CVE-2020-10961
RESERVED
-CVE-2020-10960
+CVE-2020-10960 [mediawiki: makeCollapsible allows applying event handler to
any CSS selector]
RESERVED
-CVE-2020-10959
+ - mediawiki <unfixed>
+ [stretch] - mediawiki <not-affected> (Vulnerable code introduced later)
+ NOTE: https://phabricator.wikimedia.org/T246602
+ NOTE:
https://lists.wikimedia.org/pipermail/wikitech-l/2020-March/093243.html
+CVE-2020-10959 [mediawiki: User content can redirect the logout button to
different URL]
RESERVED
+ - mediawiki <not-affected> (Vulnerable code introduced later)
+ NOTE: https://phabricator.wikimedia.org/T232932
+ NOTE:
https://lists.wikimedia.org/pipermail/wikitech-l/2020-March/093243.html
CVE-2020-10958
RESERVED
CVE-2020-10957
=====================================
data/dsa-needed.txt
=====================================
@@ -19,6 +19,8 @@ libopenmpt
linux (carnil)
Wait until more issues have piled up
--
+mediawiki (jmm)
+--
mercurial/oldstable
--
netkit-telnet
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/697f55e97774097ad9f2869c54e69958a81fed51
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/697f55e97774097ad9f2869c54e69958a81fed51
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
