CVS: cvs.openbsd.org: ports

Stuart Henderson Sat, 01 Sep 2012 04:11:56 -0700

CVSROOT:        /cvs
Module name:    ports
Changes by:     st...@cvs.openbsd.org   2012/09/01 05:10:45


Modified files:
        www/mediawiki  : Makefile distinfo 
        www/mediawiki/pkg: PLIST 

Log message:
security update to mediawiki 1.19.2, ok maintainer (Wen Heping) and jasper@

CVE-2012-4377 Stored XSS via a File::link to a non-existing image

CVE-2012-4378 Multiple DOM-based XSS flaws due improper filtering of
uselang parameter

CVE-2012-4379 CSRF tokens, available via API, not protected when
X-Frame-Options headers used

CVE-2012-4380 Did not prevent account creation for IP addresses
blocked with GlobalBlocking

CVE-2012-4381 Password saved always to the local MediaWiki database

CVE-2012-4382 Metadata about blocks

CVS: cvs.openbsd.org: ports

Reply via email to