From d97d2c5af1e2ca57ce4fe2308fe7b417d98e5a3d Mon Sep 17 00:00:00 2001
From: Nico Golde <nion@debian.org>
Date: Thu, 12 Feb 2009 22:06:00 +0000
Subject: releasing DTSA-196-1 (mediawiki), adding tor bugs

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@11201 e39458fd-73e7-0310-bf30-c45bca0a0e42
---
 data/CVE/list  | 7 +++++--
 data/DTSA/list | 2 ++
 2 files changed, 7 insertions(+), 2 deletions(-)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index bda92224bb..b53a4451f3 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,6 @@
+CVE-2009-XXXX [mediawiki XSS in installer scripts]
+	[lenny] - mediawiki 1:1.12.0-2lenny3 (low; bug #514547)
+	NOTE: CVE id was requested on oss-sec
 CVE-2009-XXXX [Wireshark: $HOME issue ]
 	- wireshark <unfixed>
 	[etch] - wireshark <not-affected> (Vulnerable code not present, introduced in 0.99.8)
@@ -79,9 +82,9 @@ CVE-2008-6100 (Multiple SQL injection vulnerabilities in Discussion Forums 2k 3.
 CVE-2008-6099 (PHP remote file inclusion vulnerability in index.php in RPortal 1.1 ...)
 	NOT-FOR-US: RPortal
 CVE-2009-XXXX [tor: potential crash on exit nodes when processing malformed input]
-	- tor 0.2.0.34-1
+	- tor 0.2.0.34-1 (bug #512728)
 CVE-2009-XXXX [tor: DoS vulnerability that could be performed by a directory mirror]
-	- tor 0.2.0.34-1
+	- tor 0.2.0.34-1 (bug #514580)
 CVE-2009-0502 (Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php ...)
 	- moodle 1.8.2.dfsg-3 (low)
 	TODO: check snoopy and code copies
diff --git a/data/DTSA/list b/data/DTSA/list
index 2017b942f2..5f2da1d987 100644
--- a/data/DTSA/list
+++ b/data/DTSA/list
@@ -583,3 +583,5 @@
 [February 12th, 2009] DTSA-195-1 moodle - several vulnerabilities
 	{CVE-2009-0500 CVE-2009-0501}
 	[lenny] - moodle 1.8.2.dfsg-3+lenny1
+[February 12th, 2009] DTSA-196-1 mediawiki - cross-site scripting
+	[lenny] - mediawiki 1:1.12.0-2lenny3
-- 
cgit v1.2.3