CVSROOT: /cvs Module name: ports Changes by: st...@cvs.openbsd.org 2012/09/01 05:10:45
Modified files: www/mediawiki : Makefile distinfo www/mediawiki/pkg: PLIST Log message: security update to mediawiki 1.19.2, ok maintainer (Wen Heping) and jasper@ CVE-2012-4377 Stored XSS via a File::link to a non-existing image CVE-2012-4378 Multiple DOM-based XSS flaws due improper filtering of uselang parameter CVE-2012-4379 CSRF tokens, available via API, not protected when X-Frame-Options headers used CVE-2012-4380 Did not prevent account creation for IP addresses blocked with GlobalBlocking CVE-2012-4381 Password saved always to the local MediaWiki database CVE-2012-4382 Metadata about blocks