Re: DSA-2022-1 / CVE-identifiers

To: Henri Salo <henri@nerv.fi>
Cc: debian-security-tracker@lists.debian.org
Subject: Re: DSA-2022-1 / CVE-identifiers
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Wed, 28 Jul 2010 20:39:15 -0400
Message-id: <20100729003915.GA4539@galadriel.inutil.org>
In-reply-to: <20100728175150.724d417a@foo.fgeek.fi>
References: <20100728175150.724d417a@foo.fgeek.fi>

On Wed, Jul 28, 2010 at 05:51:50PM +0300, Henri Salo wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Issue DSA-2022-1 got CVE-identifiers:
> 
> CVE-2010-1189:
> a CSS validation issue was discovered which allows editors to display
>     external images in wiki pages.
> 
> CVE-2010-1190:
> a data leakage vulnerability was discovered in thumb.php which affects
>     wikis which restrict access to private files using img_auth.php, or
>     some similar scheme.
> 
> References:
> http://seclists.org/oss-sec/2010/q1/189

If you're interested in more direct access to the security tracker
data, please see 

http://svn.debian.org/wsvn/secure-testing/doc/narrative_introduction?op=file&rev=0&sc=0
http://security-tracker.debian.org/tracker/data/report

Cheers,
        Moritz

Reply to:

References:
- DSA-2022-1 / CVE-identifiers
  - From: Henri Salo <henri@nerv.fi>

Prev by Date: DSA-2076-1 vs. tracker
Next by Date: Re: scans in my hosts. (Debian 5.0 and Apache 2.2.9)
Previous by thread: Re: DSA-2022-1 / CVE-identifiers
Next by thread: scans in my hosts. (Debian 5.0 and Apache 2.2.9)
Index(es):
- Date
- Thread