Re: DSA-2022-1 / CVE-identifiers
On Wed, Jul 28, 2010 at 05:51:50PM +0300, Henri Salo wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Issue DSA-2022-1 got CVE-identifiers:
>
> CVE-2010-1189:
> a CSS validation issue was discovered which allows editors to display
> external images in wiki pages.
>
> CVE-2010-1190:
> a data leakage vulnerability was discovered in thumb.php which affects
> wikis which restrict access to private files using img_auth.php, or
> some similar scheme.
>
> References:
> http://seclists.org/oss-sec/2010/q1/189
If you're interested in more direct access to the security tracker
data, please see
http://svn.debian.org/wsvn/secure-testing/doc/narrative_introduction?op=file&rev=0&sc=0
http://security-tracker.debian.org/tracker/data/report
Cheers,
Moritz
Reply to: