Fix moin XSS issues in unstable/testing

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@11073 e39458fd-73e7-0310-bf30-c45bca0a0e42

3 files changed, 6 insertions, 3 deletions

diff --git a/data/CVE/list b/data/CVE/list
index 54adaad7f3..3e506cac4f 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4,7 +4,7 @@ CVE-2009-0282 [Integer overflow in Ralink SSID parsing]
 	- rt2570 1.1.0+cvs20080623-2 (bug #513001)
 	- rt73 1:1.0.3.6-cvs20080623-dfsg1-3 (bug #512995)
 CVE-2009-0312 [moin: XSS in antispam.py]
-	- moin <unfixed> (low)
+	- moin 1.8.1-1.1 (low)
 	NOTE: http://hg.moinmo.in/moin/1.7/rev/89b91bf87dad
 CVE-2009-0276
 	RESERVED
@@ -80,8 +80,7 @@ CVE-2009-0262 (Stack-based buffer overflow in Triologic Media Player 7 and 8.0.0
 CVE-2009-0261 (Stack-based buffer overflow in EffectMatrix Total Video Player 1.31 ...)
 	NOT-FOR-US: EffectMatrix Total Video Player
 CVE-2009-0260 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	- moin <unfixed> (bug #513158; low)
-	NOTE: version 1.8.1-1 in unstable vulnerable despite the CVE description
+	- moin 1.8.1-1.1 (bug #513158; low)
 CVE-2008-5964 (Session fixation vulnerability in Social ImpressCMS before 1.1.1 RC1 ...)
 	NOT-FOR-US: Social ImpressCMS
 CVE-2008-5963 (Eval injection vulnerability in library/setup/rpc.php in Gravity ...)
diff --git a/data/DTSA/list b/data/DTSA/list
index eae210684e..255a0893c7 100644
--- a/data/DTSA/list
+++ b/data/DTSA/list
@@ -557,3 +557,6 @@
 [January 25th, 2009] DTSA-186-1 mediawiki - several vulnerabilities
 	{CVE-2008-5249 CVE-2008-5250 CVE-2008-5252 CVE-2008-5687}
 	[lenny] - mediawiki 1:1.12.0-2lenny2
+[January 28th, 2009] DTSA-187-1 moin - cross-site scripting vulnerabilities
+	{CVE-2009-0260 CVE-2009-0312}
+	[lenny] - moin 1.7.1-3+lenny1
diff --git a/data/NMU/list b/data/NMU/list
index 74aa6d07a0..4bc29528c3 100644
--- a/data/NMU/list
+++ b/data/NMU/list
@@ -134,3 +134,4 @@
 2008-12-10 awstats 6.7.dfsg-5.1
 2008-12-24 screenie 1.30.0-5.1
 2009-01-15 uw-imap 2007b~dfsg-1.1
+2009-01-28 moin 1.8.1-1.1