Hi, the attacked debdiff is for a proposed NMU to fix CVE-2008-5249, CVE-2008-5250, CVE-2008-5252 in lenny. (Backported from mediawiki 1.12.3)
mediawiki (1:1.12.0-2lenny2) testing-security; urgency=high
* Security update, NMU to fix fix CVE-2008-5249, CVE-2008-5250, CVE-2008-5252
* debian/patches/CVE-2008-5249_CVE-2008-5250_CVE-2008-5252.patch:
- Fixed output escaping for reporting of non-MediaWiki exceptions.
Potential XSS if an extension throws one of these with user input.
- Avoid fatal error in profileinfo.php when not configured.
- Fixed CSRF vulnerability in Special:Import. Fixed input validation in
transwiki import feature.
- Add a .htaccess to deleted images directory for additional protection
against exposure of deleted files with known SHA-1 hashes on default
installations.
- Fixed XSS vulnerability for Internet Explorer clients, via file uploads
which are interpreted by IE as HTML.
- Fixed XSS vulnerability for clients with SVG scripting, on wikis where SVG
uploads are enabled. Firefox 1.5+ is affected.
- Avoid streaming uploaded files to the user via index.php. This allows
security-conscious users to serve uploaded files via a different domain,
and thus client-side scripts executed from that domain cannot access the
login cookies. Affects Special:Undelete, img_auth.php and thumb.php.
- When streaming files via index.php, use the MIME type detected from the
file extension, not from the data. This reduces the XSS attack surface.
- Blacklist redirects via Special:Filepath. Such redirects exacerbate any
XSS vulnerabilities involving uploads of files containing scripts.
Closes: #508869, #508870
-- Giuseppe Iuculano <giuse...@iuculano.it> Sun, 18 Jan 2009 11:54:02 +0100
Cheers,
Giuseppe
mediawiki_1.12.0-2lenny2.debdiff.gz
Description: GNU Zip compressed data
signature.asc
Description: OpenPGP digital signature
