DSA-2022-1 / CVE-identifiers

To: security@debian.org, debian-security@lists.debian.org, debian-security-tracker@lists.debian.org
Subject: DSA-2022-1 / CVE-identifiers
From: Henri Salo <henri@nerv.fi>
Date: Wed, 28 Jul 2010 17:51:50 +0300
Message-id: <[🔎] 20100728175150.724d417a@foo.fgeek.fi>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Issue DSA-2022-1 got CVE-identifiers:

CVE-2010-1189:
a CSS validation issue was discovered which allows editors to display
    external images in wiki pages.

CVE-2010-1190:
a data leakage vulnerability was discovered in thumb.php which affects
    wikis which restrict access to private files using img_auth.php, or
    some similar scheme.

References:
http://seclists.org/oss-sec/2010/q1/189

Best regards,
Henri Salo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkxQRAYACgkQXf6hBi6kbk/6YACbBvKmsa4hsVbIWv29Hll5tRjP
JyoAoJo0XmBwDCW/aFMZb7A3+geJcZva
=qTIq
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: DSA-2022-1 / CVE-identifiers
  - From: Nico Golde <debian-security+ml@ngolde.de>
- scans in my hosts. (Debian 5.0 and Apache 2.2.9)
  - From: "OLCESE, Marcelo Oscar." <molcese@ancal.com.ar>

Prev by Date: Re: [SECURITY] [DSA 2076-1] New gnupg2 packages fix potential code execution
Next by Date: Re: DSA-2022-1 / CVE-identifiers
Previous by thread: Anne G. Sæbø is out of the office.
Next by thread: Re: DSA-2022-1 / CVE-identifiers
Index(es):
- Date
- Thread