diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2020-12-18 08:44:43 +0100 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2020-12-18 08:44:43 +0100 |
commit | 9dd057f628ed05a72c5ee474532cfadac3f1fab9 (patch) | |
tree | 521e7edf25e49696b63d93465509faf7eff7389b /data | |
parent | 529b13848c2705c962d86cbef0d157a3acd20cb4 (diff) |
add mw short descriptions, two issues n/a for buster/stretch
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 22 | ||||
-rw-r--r-- | data/dsa-needed.txt | 2 |
2 files changed, 18 insertions, 6 deletions
diff --git a/data/CVE/list b/data/CVE/list index b9947f8bff..7caa823f24 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -144,31 +144,41 @@ CVE-2020-35482 RESERVED CVE-2020-35481 RESERVED -CVE-2020-35480 +CVE-2020-35480 [Divergent behavior for contributions and user pages of hidden users and missing users] RESERVED - mediawiki 1:1.35.1-1 NOTE: https://phabricator.wikimedia.org/T120883 -CVE-2020-35479 + NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-December/094126.html +CVE-2020-35479 [BlockLogFormatter can output raw html] RESERVED - mediawiki 1:1.35.1-1 NOTE: https://phabricator.wikimedia.org/T268938 -CVE-2020-35478 + NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-December/094126.html +CVE-2020-35478 [BlockLogFormatter can output raw html] RESERVED - mediawiki 1:1.35.1-1 + [buster] - mediawiki <not-affected> (Introduced in 1.33) + [stretch] - mediawiki <not-affected> (Introduced in 1.33) NOTE: https://phabricator.wikimedia.org/T268938 -CVE-2020-35477 + NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-December/094126.html +CVE-2020-35477 [Unable to change visibility of log entries when MediaWiki:Mainpage uses Special:MyLanguage] RESERVED - mediawiki 1:1.35.1-1 NOTE: https://phabricator.wikimedia.org/T205908 + NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-December/094126.html CVE-2020-35476 (A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 ...) NOT-FOR-US: OpenTSDB -CVE-2020-35475 +CVE-2020-35475 [Messages userrights-expiry-current and userrights-expiry-none can contain raw html] RESERVED - mediawiki 1:1.35.1-1 -CVE-2020-35474 + NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-December/094126.html +CVE-2020-35474 [Message recentchanges-legend-watchlistexpiry can contain raw html] RESERVED - mediawiki 1:1.35.1-1 + [buster] - mediawiki <not-affected> (Introduced in 1.35) + [stretch] - mediawiki <not-affected> (Introduced in 1.35) NOTE: https://phabricator.wikimedia.org/T268894 + NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-December/094126.html CVE-2020-35473 RESERVED CVE-2020-35472 diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index 146bd2d457..6578abf5ef 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -26,6 +26,8 @@ linux (carnil) lxml Regression when running under Python 2 -- +mediawiki (jmm) +-- netty -- php-pear (carnil) |