releasing DTSA-196-1 (mediawiki), adding tor bugs

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@11201 e39458fd-73e7-0310-bf30-c45bca0a0e42

2 files changed, 7 insertions, 2 deletions

diff --git a/data/CVE/list b/data/CVE/list
index bda92224bb..b53a4451f3 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,6 @@
+CVE-2009-XXXX [mediawiki XSS in installer scripts]
+	[lenny] - mediawiki 1:1.12.0-2lenny3 (low; bug #514547)
+	NOTE: CVE id was requested on oss-sec
 CVE-2009-XXXX [Wireshark: $HOME issue ]
 	- wireshark <unfixed>
 	[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.8)
@@ -79,9 +82,9 @@ CVE-2008-6100 (Multiple SQL injection vulnerabilities in Discussion Forums 2k 3.
 CVE-2008-6099 (PHP remote file inclusion vulnerability in index.php in RPortal 1.1 ...)
 	NOT-FOR-US: RPortal
 CVE-2009-XXXX [tor: potential crash on exit nodes when processing malformed input]
-	- tor 0.2.0.34-1
+	- tor 0.2.0.34-1 (bug #512728)
 CVE-2009-XXXX [tor: DoS vulnerability that could be performed by a directory mirror]
-	- tor 0.2.0.34-1
+	- tor 0.2.0.34-1 (bug #514580)
 CVE-2009-0502 (Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php ...)
 	- moodle 1.8.2.dfsg-3 (low)
 	TODO: check snoopy and code copies
diff --git a/data/DTSA/list b/data/DTSA/list
index 2017b942f2..5f2da1d987 100644
--- a/data/DTSA/list
+++ b/data/DTSA/list
@@ -583,3 +583,5 @@
 [February 12th, 2009] DTSA-195-1 moodle - several vulnerabilities
 	{CVE-2009-0500 CVE-2009-0501}
 	[lenny] - moodle 1.8.2.dfsg-3+lenny1
+[February 12th, 2009] DTSA-196-1 mediawiki - cross-site scripting
+	[lenny] - mediawiki 1:1.12.0-2lenny3