Ubuntu
mediawiki package

  1. Bug #537974
  2. Comment #5

Comment 5 for bug 537974

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package mediawiki - 1:1.15.1-1ubuntu1

---------------
mediawiki (1:1.15.1-1ubuntu1) lucid; urgency=low

  * SECURITY UPDATE: CSS validation issue allowing external images to be included
    into wikis where that is disallowed by conf. (LP: #537974)
    - debian/patches/CSS-no-CVE_rev-63429.patch
    - patch from upstream SVN rev. 63429
    - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
  * SECURITY UPDATE: Data leakage vulnerability in thumb.php affecting wikis
    which restrict access to private files using eg. img_auth.php.
    - debian/patches/DataLeakage-no-CVE_rev-63436.patch
    - patch from upstream SVN rev. 63436
    - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
 -- Andreas Wenning <email address hidden> Fri, 12 Mar 2010 12:06:25 +0100