Lucene search

K
debianDebianDEBIAN:DSA-2320-1:43361
HistoryOct 08, 2011 - 1:23 p.m.

[SECURITY] [DSA 2320-1] dokuwiki regression fix

2011-10-0813:23:36
lists.debian.org
7

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

Low

EPSS

0.003

Percentile

70.5%


Debian Security Advisory DSA-2320-1 [email protected]
http://www.debian.org/security/ Thijs Kinkhorst
October 8, 2011 http://www.debian.org/security/faq


Package : dokuwiki
Vulnerability : regression fix
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-2510
Debian Bug : 644145

The dokuwiki update included in Debian Lenny 5.0.9 to address a cross
site scripting issue (CVE-2011-2510) had a regression rendering links
to external websites broken. This update corrects that regression.

For the oldstable distribution (lenny), this problem has been fixed in
version 0.0.20080505-4+lenny4.

We recommend that you upgrade your dokuwiki packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian5alldokuwiki< 0.0.20080505-4+lenny4dokuwiki_0.0.20080505-4+lenny4_all.deb
Debian6alldokuwiki< 0.0.20091225c-10+squeeze2dokuwiki_0.0.20091225c-10+squeeze2_all.deb
Debian5alldokuwiki< 0.0.20080505-4+lenny3dokuwiki_0.0.20080505-4+lenny3_all.deb

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

Low

EPSS

0.003

Percentile

70.5%