Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 12 Jan 2012 14:32:05 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Moritz Muehlenhoff <jmm@...ian.org>
Subject: Re: CVE request: Mediawiki

On 01/12/2012 01:31 AM, Moritz Muehlenhoff wrote:
> Hi,
> please assign a CVE ID for a new security issue fixed in Mediawiki
> 1.17.2:
>
> === Security changes ===
> * (bug 33117) prop=revisions allows deleted text to be exposed through
> cache pollution.
>
> http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_17_2/phase3/RELEASE-NOTES
> https://bugzilla.wikimedia.org/show_bug.cgi?id=33117
> https://www.mediawiki.org/wiki/Special:Code/MediaWiki/108686
> https://www.mediawiki.org/wiki/Special:Code/MediaWiki/108687
>
> Cheers,
>         Moritz

=== Security changes ===
* (bug 33117) prop=revisions allows deleted text to be exposed through cache pollution.


Please use CVE-2012-0046 for this issue.

-- 

-- Kurt Seifried / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ